New! View global litigation for patent families

US20030101348A1 - Method and system for determining confidence in a digital transaction - Google Patents

Method and system for determining confidence in a digital transaction Download PDF

Info

Publication number
US20030101348A1
US20030101348A1 US10194959 US19495902A US2003101348A1 US 20030101348 A1 US20030101348 A1 US 20030101348A1 US 10194959 US10194959 US 10194959 US 19495902 A US19495902 A US 19495902A US 2003101348 A1 US2003101348 A1 US 2003101348A1
Authority
US
Grant status
Application
Patent type
Prior art keywords
trust
transaction
metric
confidence
token
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US10194959
Inventor
Anthony Russo
Peter McCoy
Mark Howell
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ATRUA TECHNOLOGIES Inc
Original Assignee
I-CONTROL SECURITY Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06KRECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K9/00Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
    • G06K9/00006Acquiring or recognising fingerprints or palmprints
    • G06K9/00013Image acquisition
    • G06K9/00026Image acquisition by combining adjacent partial images (e.g. slices) to create a composite input or reference pattern; tracking a sweeping finger movement
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/02Reservations, e.g. for tickets, services or events
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4016Transaction verification involving fraud or risk level assessment in transaction processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce, e.g. shopping or e-commerce
    • G06Q30/06Buying, selling or leasing transactions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/08Randomization, e.g. dummy operations or using noise
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Abstract

The present invention provides systems and methods utilizing tokens to assign or mitigate risk. A software token is provided that associates a secret—such as a private key or password—with risk factors involved in protecting that secret from illicit access. The token may include an indication or calculation of the “overall risk of compromise” (OROC), generally represented as an overall trust metric, associated with the secret. This token can then be used to inform system operators or third parties of the confidence of a given system transaction that depends on the secret. A third party can then take whatever actions it deems appropriate according to the estimated risk. For example, in one embodiment of the present invention, the risk factor is used to deny a transaction if the risk is deemed to great—that is if the risk factor is greater than a predetermined (or sufficient) value.

Description

    RELATED APPLICATIONS
  • [0001]
    This application further relates to the following co-pending applications:
  • [0002]
    U.S. application Ser. No. ______, filed ______, entitled “BIOMETRICALLY ENHANCED DIGITAL CERTIFICATES AND SYSTEM AND METHOD FOR MAKING AND USING” (Attorney Docket No. A-70596/RMA/JML);
  • [0003]
    U.S. application Ser. No. ______, filed ______, entitled “SECURE NETWORK AND NETWORKED DEVICES USING BIOMETRICS” (Attorney Docket No. A70595/RMA/JML); and
  • [0004]
    U.S. application Ser. No. ______, filed ______, entitled “METHOD AND SYSTEM FOR BIOMETRIC IMAGE ASSEMBLY FROM MULTIPLE PARTIAL BIOMETRIC FRAME SCANS” (Attorney Docket No. A-70591/RMA/JML); all of which are hereby incorporated by reference.
  • [0005]
    This application claims the benefit under 35 U.S.C. §119 and/or 35 U.S.C. §120 of the filing date of: U.S. Provisional Application Serial No. 60/305,120, filed Jul. 12, 2001, which is hereby incorporated by reference, and entitled SYSTEM, METHOD, DEVICE AND COMPUTER PROGRAM FOR NON-REPUDIATED WIRELESS TRANSACTIONS; U.S. patent application Ser. No. 10/099,554 filed Mar. 13, 2002 and entitled SYSTEM, METHOD, AND OPERATING MODEL FOR MOBILE WIRELESS NETWORK-BASED TRANSACTION AUTHENTICATION AND NON-REPUDIATION; and U.S. patent application Ser. No. 10/099,558 filed Mar. 13, 2002 and entitled FINGERPRINT BIOMETRIC CAPTURE DEVICE AND METHOD WITH INTEGRATED ON-CHIP DATA BUFFERING; each of which applications are incorporated by reference herein.
  • FIELD OF THE INVENTION
  • [0006]
    The present invention relates generally to the field of methods, computer programs and computer program products, devices, and systems for encryption systems, especially public key infrastructure (PKI) systems, and also to the field of biometrics, especially but not limited to biometrics such as human fingerprints and human voiceprints.
  • BACKGROUND OF THE INVENTION
  • [0007]
    The security and integrity of information systems depends in part on authentication of individual users—accurately and reliably determining the identity of a user attempting to use the system. Once a user is authenticated, a system is then able to authorize the user to retrieve certain information or perform certain actions appropriate to the system's understanding of the user's identity. Examples of such actions include downloading a document, completing a financial transaction, or digitally signing a purchase.
  • [0008]
    Numerous methods have been developed for authenticating users. Generally, as will be understood by those skilled in the art, authentication methods are grouped into three categories, also called authentication factors: (1) something you know—a secret such as a password or a PIN or other information; (2) something you have—such as a smartcard, the key to a mechanical lock, an ID badge, or other physical object; and (3) something you are—a measure of a person such as a fingerprint or voiceprint. Each method has advantages and disadvantages including those relating to ways that a system may be fooled into accepting a normally unauthorized user in cases where, for example, a password has been guessed or a key has been stolen.
  • [0009]
    The third category above—referred to herein as ‘something you are’ authentication methods—are the subject of the biometrics field. Biometric identification is used to verify the identity of a person by measuring selected features of some physical characteristic and comparing those measurements with those filed for the person in a reference database or stored in a token (such as a smartcard) carried by the person. Physical characteristics that are used today include fingerprints, voiceprints, hand geometry, the pattern of blood vessels on the wrist or on the retina of the eye, the topography of the iris of the eye, facial patterns, and the dynamics of writing a signature or typing on a keyboard. Biometric identification methods are widely used today for securing physical access to buildings and securing data networks and personal computers.
  • [0010]
    A secure system is based upon either a mutually-shared secret or a private key of a public-private key pair. During the enrollment process, the secret is first selected or created, then agreed upon and stored for later use. There are generally four major sources of risk associated with the secret being compromised: (1) the secret can be guessed by an unauthorized user; (2) the secret was observed by an unauthorized user during creation or subsequent transmission; (3) the stored secret can be retrieved and employed by an unauthorized user after creation; and/or (4) the stored secret was issued to the wrong party.
  • [0011]
    Each of the above broad categories has its own specific risk factors depending on the type of secret, where and how it is stored and how it is created. For example, the risk of guessing is dependent on a variety of factors including, but not limited to, the type of secret (for example, a password, a private PKI key, a symmetric key, or the like), the length of the secret (for example, number of characters in the password or number of bits in the private key), and the randomness of the secret (for example, an entropy calculation plus, in the case of a password, whether the password matches a dictionary word). The risk of observation during transmission is dependent on factors including, but not limited to: whether it was transmitted at all (generally, there is no transmission of the secret in PKI); what type of encryption was used, if any, during transmission; and the network used for the transmission (for example, whether it was transmitted using a telephone, an internet, a private network, or other network or communication link or channel).
  • [0012]
    The risk of a stored secret being illicitly retrieved is dependent on factors including, but not limited to: the number of devices where instances of the secret are stored (for example, a secret may be stored on a user's PC as well as in a system database); the storage medium used for each stored instance (hard disk, paper notes, smart card, portable memory device such as a flash memory card, PKCS-11 token (as discussed further in “PKCS #11 v2.11: Cryptrographic Token Interface Standard” published June 2001 by RSA Laboratories, hereby incorporated by reference), or the like); whether the secret is stored in plain text or encrypted; if stored encrypted, the risk associated with the encryption key used; what kind of biometrics used, if any, to restrict access to the storage medium; the security of passphrase used, if any, to retrieve secret; the security of biometric system(s) used, if any, to retrieve secret; and the security of physical token used, if any, to retrieve secret—for example if a token is used, the security of that token is dependent upon whether someone else has had access to it, or if it has been lost or stolen; what combinations of passphrase, biometric, and token are required, if any; and the security of the enrolled biometric template.
  • [0013]
    The risk associated with the secret being issued to the wrong person is dependent on factors including, but not limited to: the specific method or methods used to verify the user's identity prior to issuing the secret; the degree of human interaction, if any, involved in the verification process (i.e. is it supervised and verified by a trained human being); what specific biometric system or systems, if any, is used to aid verification; which government agencies (such as for example the FBI, Secret Service, or other agency), if any, aid in the verification process; and which trusted documents, if any, were required for verification (for example bank statement, social security number, passport, or the like).
  • [0014]
    Systems used for e-commerce, online banking and other financially related areas rely on security to prevent unauthorized users from accessing services for monetary gain. For example, well-designed systems try to prevent would-be buyers from purchasing goods and services with someone else's credit card by requiring a PIN or a password.
  • [0015]
    More generally, the security and integrity of information systems depends primarily on keeping data confidential so that only authorized users may see or act against the data, and assuring the integrity of data so that the data can not be changed or tampered with undetected. The field of cryptography provides well-known tools for assuring confidentiality and integrity using encryption techniques such as ciphers and hash algorithms.
  • [0016]
    One widely known and implemented body of these tools, and procedures and practices for their use, is called Public Key Infrastructure (PKI). PKI gets its name from its use of a class of cryptographic algorithm called a public key algorithm. As is widely known to those versed in the cryptographic field, a public key algorithm is a cryptographic algorithm that operates using two different but mathematically-related keys, a public key that may be shared with any party and a private key which must be kept secret, such that (for must such algorithms) data encrypted with the public key may only be decrypted with the private key, and vice-versa. PKI standards are well known, X.509 for example, described in Housley, R., “Internet X.509 Public Key Infrastructure Certificate and CRL Profile,” RFC 2459, January 1999, and ITU-T Recommendation X.509 (1997 E): Information Technology—Open Systems Interconnection—The Directory: Authentication Framework, June 1997, both of which are hereby incorporated by reference.
  • [0017]
    These standards provide powerful mechanisms for safe and private storage and transmission of confidential data so that it remains hidden from unauthorized parties. The standards provide for digital signatures, which provide the receiving party of some data with an assurance of the identity of the transmitting party. PKI standards further provide for digital certificates, which provide a tamper-resistant, portable record of the association of a public key with a person's or organization's name, attested to and signed by a trusted party, thus presenting a form of unique, irrefutable digital identity or credential for that person or organization. PKI standards also provide other useful and powerful mechanisms that can contribute to the security and integrity of information systems.
  • [0018]
    PKI is widely used in commercial and non-commercial systems, both over the Internet and in more closed or local applications. Most web browsers, for example, use PKI and PKI-based standards to interoperate with web servers when high security is desired, as when a user specifies a credit card number for payment while placing an online order. The proliferation of electronic commerce has led many jurisdictions around the world to begin to develop legal standards with the intended result that a correctly constituted digital signature would be every bit as legally binding as a handwritten signature is today.
  • [0019]
    PKI provides powerful mechanisms, but it has weaknesses. One way for digital identities to be compromised is for an impostor to somehow get a copy of the private key that is associated with the public key embedded in a certificate, thus invalidating an assumption that only the person or organization to which the certificate is issued has access to the (secret) private key. Anyone with both the certificate (which is meant to be public information, freely exchanged with anyone) and the associated private key (which is meant to be secret) can impersonate someone else and compromise the security and integrity of an information system dependent on the valid use of a certificate and associated private key.
  • [0020]
    Most systems, therefore, secure the private key such that the user must authenticate before the private key can be used for any task. Many such systems require a password (“something you know”) or a smartcard (“something you have”), or both. Some systems provide additional security by putting the private key on a smartcard that is resistant to tampering or copying. Other systems may also employ biometrics (“something you are”) to ensure that the person using the private key is in fact the true owner of the certificate.
  • [0021]
    However, smart cards may be lost, damaged, or stolen. Passwords may be forgotten or guessed. Biometrics systems can be fooled. These concerns are part of what is called in the field “the last-meter problem”, the problem of making sure that an otherwise secure system isn't compromised by a failure to correctly authenticate the person using (and usually physically adjacent to) some part of the system. The last-meter problem can present opportunities for impostors in PKI systems. Mathematically, the theoretical probability of a PKI system being fooled or otherwise compromised is extremely low (much less than 1 in a billion, for instance). However, once the “last meter problem” is taken into account, the security of such a system is greatly reduced, as the “last meter problem” becomes the weakest link in an otherwise very secure chain.
  • [0022]
    Today's PKI systems do not take into account the risk associated with the “last meter problem” when assessing the trust level to associate with users of such systems.
  • [0023]
    Accordingly, it is an object of the present invention to provide an indication of the security of a given transaction.
  • SUMMARY
  • [0024]
    In a first embodiment, the invention provides a transaction confidence token for use in a secure communication system, comprising an envelope and a seal. The envelope comprises transaction information and a trust metric. The seal contains a digital signature of the envelope. In preferred embodiments, the envelope further includes a timestamp. In some embodiments, the transaction information contained in the envelope includes a web site address, a web session identifier, a monetary or exchange value, an order number, an SKU number, a credit card number, or any combinations thereof.
  • [0025]
    In one embodiment, the trust metric within the envelope is an overall trust metric indicating a combined confidence level for enrollment, storage, transmission, and authentication processes employed for authentication of a transaction.
  • [0026]
    In another embodiment, the trust metric comprises a storage trust metric indicating a confidence level for a storage process associated with authentication of a transaction. In yet another embodiment, the trust metric comprises a transmission trust metric indicating a confidence level for a transmission process associated with authentication of a transaction. In still another embodiment, the trust metric comprises an authentication trust metric indicating a confidence level for an authentication process associated with authentication of a transaction. In a further embodiment, the trust metric comprises an enrollment trust metric indicating a confidence level for an enrollment process associated with authentication of a transaction. In other embodiments, a plurality of trust metrics are provided in the envelope. In one embodiment, a first trust metric comprises an overall trust metric and at least a second trust metric is provided chosen from the group consisting of an enrollment trust metric, a storage trust metric, a transmission trust metric, an authentication trust metric, and combinations thereof.
  • [0027]
    In some embodiments, the digital signature contained in the seal is signed with a private key.
  • [0028]
    The present invention further provides methods for assuring a secure transaction. In one embodiment, a method for assuring a secure transaction comprises receiving a transaction confidence token comprising a trust metric associated with the transaction, determining if the trust metric indicates a sufficient trust level; and processing the transaction if the trust metric indicates or exceeds said sufficient trust level.
  • [0029]
    In some embodiments, a method further comprises requiring a mitigating factor if said trust metric indicates less than said sufficient trust level. The mitigating factor may be chosen based on the trust metric. The mitigating factor may be chosen from the group consisting of a fee, a waiting period, an authentication procedure, and combinations thereof.
  • [0030]
    In yet other embodiments, the method further comprises processing the transaction after receiving a mitigating factor.
  • [0031]
    In other embodiments, the method further comprises constructing a transaction confidence token comprising a trust metric, and transmitting said transaction confidence token to a server.
  • [0032]
    In other embodiments, a method for assuring a secure transaction comprises receiving a transaction confidence token comprising a trust metric associated with said transaction, determining if said trust metric indicates an acceptable risk level; and processing said transaction if said trust metric indicates or is less than said acceptable risk level.
  • [0033]
    In some embodiments, the method further comprises requiring a mitigating factor if said trust metric indicates greater than said acceptable risk level. In still other embodiments, the method further includes processing said transaction after receiving said mitigating factor.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • [0034]
    The present invention may be better understood, and its features and advantages made apparent to those skilled in the art by referencing the accompanying drawings.
  • [0035]
    [0035]FIG. 1 is a schematic representation of one embodiment of a transaction confidence token according to an embodiment of the present invention.
  • [0036]
    [0036]FIG. 2 is a schematic flowchart showing a method of processing a transaction according to an embodiment of the present invention.
  • [0037]
    [0037]FIG. 3 is a schematic flowchart outlining a process for using a transaction confidence token according to an embodiment of the present invention.
  • DETAILED DESCRIPTION OF THE EMBODIMENTS
  • [0038]
    Many systems today, especially those that use PKI, involve transactions that depend on keeping a secret protected from use by third parties. If there is any risk that the secret is compromised, then that risk is propagated to the provider of the transaction itself. For example, if an internet-based system allows a user to purchase an item by entering any valid credit card number, then the risk to the credit card company or merchant related to an unauthorized purchase is dependent on how well that credit card number can be kept secret, for example, how well authenticated are the parties to whom the secret is made available.
  • [0039]
    This invention introduces the concept of a software token that associates a secret—such as a private key or password—with risk factors involved in protecting that secret from illicit access. Furthermore, in preferred embodiments of the present invention, the token includes an indication or calculation of the “overall risk of compromise” (OROC), generally represented as an overall trust metric, associated with the secret. In some embodiments of the present invention, the token also includes a calculation of individual risk factor probabilities used to determine the OROC, or overall trust metric. This token can then be used to inform system operators or third parties of the confidence of a given system transaction that depends on the secret. A third party can then take whatever actions it deems appropriate according to the estimated risk. For example, in one embodiment of the present invention, the risk factor is used to deny a transaction if the risk is deemed to great—that is if the risk factor is greater than a predetermined (or sufficient) value. In another embodiment, the risk factor is used to charge the user a fee in an effort to mitigate the risk, or where some fee may already be charged to the user for the transaction to charge different fees according to the assessed risk or trust level. The fee may be a flat fee charged to all transactions having less than a sufficient trust level or the fee may vary according to the trust level indicated by the token.
  • [0040]
    Most authentication systems are geared to answer the question of whether the party trying to use the system is the party it claims to be with either a yes or no, even though the authentication method or methods employed are imperfect. The present invention provides a mechanism for a system to add an estimate of risk or confidence on that yes or no answer, and for other systems to use that confidence information to their advantage. In one embodiment, it also provides a mechanism for documenting the party's identity so as to provide a non-repudiation mechanism for the transaction.
  • [0041]
    That is, the present invention provides systems utilizing tokens to assign or mitigate risk.
  • [0042]
    [0042]FIG. 1 depicts a schematic representation of transaction confidence token 100 according to one embodiment of the present invention.
  • [0043]
    A token, such as token 100, is created using available information regarding risk factors, examples of which are discussed above. Token 100 can be in the form of a separate packet of stored data associated with the secret, integrated either with the secret itself or, in the case of PKI, with the associated digital certificate.
  • [0044]
    The present invention provides transaction confidence tokens comprising at least one trust metric. As used herein, ‘trust metric’ generally refers to a measure of a risk factor. Examples of typical risk factors are discussed above. In one embodiment, token 100 comprises information on at least one risk factor discussed above. In another embodiment, token 100 comprises an overall risk-of-compromise (OROC) value, or overall trust metric 110, which may take one or more risk factors into consideration. In a preferred embodiment, token 100 is created and stored in a database during both enrollment and subsequent transactions, includes all the fields shown in FIG. 1. In other embodiments, only a subset of fields shown in FIG. 1 are present.
  • [0045]
    In one embodiment of the present invention, trust metrics, such as overall trust metric 110, are given by an absolute probability ranging from 0.0 to 1.0, calculated using a weighted Bayesian equation. Other ranges and equations for calculating trust metrics may also or alternatively be employed. In preferred embodiments of the present invention, trust metrics are given by an arbitrary mapping of risk information to three categories—low, medium, and high. Any number of categories may alternatively be used, with each category represented by a unique indicator. The risk information may alternatively be provided by a continuous range of values rather than in discrete categories. Overall trust metric 110 represents a weighted combination of individual risk probabilities of a plurality of risk factors. In a preferred embodiment, a system uses token 100 to deny or accept a transaction. In other embodiments, a system charges a fee, or imposes another mitigation factor—such as a waiting period or another required authentication—based on risk information contained in token 100.
  • [0046]
    Accordingly, transaction confidence token 100 (FIG. 1) is composed of two data structures: envelope 120 and seal 130. Envelope 120 comprises transaction contents, or transaction information 140 and at least one trust metric, although a plurality of trust metrics are shown in FIG. 1. Further, envelope 120 comprises timestamp 150. In a preferred embodiment, transaction information 140 represents a complete record of a transaction—including, as appropriate, account numbers, web session identifiers, monetary or exchange values, item quantities, an SKU number, an order number, a credit card number, a web URL or address, or other data describing the user's authenticated request. In other embodiments, transaction information 140 comprises only some of the above information associated with a transaction. In a preferred embodiment, transaction information 140 comprises only a transaction identifier or reference string such as a web session identifier as is often used in web applications. In an alternative embodiment, transaction information 140 field comprises a complete transaction confidence token, which may in turn (i.e., recursively) contain another transaction confidence token in its transaction contents field, without particular limit. This embodiment allows for multiple parties to attest to a transaction and attach their own confidence to the transaction as it is processed by each of a number of systems in series. The innermost transaction confidence token corresponds to the original transaction when it is first authenticated and signed by the originating party. Timestamp 150 generally comprises a string indicating a date and time at which the authentication event which is the subject of the transaction confidence token took place. Generally, any time indicator is appropriate for timestamp 150. In a preferred embodiment, timestamp 150 is expressed in Universal Coordinated Time (UTC). Overall trust metric 110 indicates a degree of overall confidence in a transaction. In one embodiment, overall trust metric 110 provides a degree of confidence in enrollment, storage, transmission, and authentication processes employed for authentication of a transaction. Overall trust metric 110 can be defined according to the specifics of the application contemplated, but in a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. In a preferred embodiment, low security refers to a password authentication against a 4-digit numeric PIN stored in non-secure storage. Medium security refers to a fingerprint authentication or strong password (alphanumeric, mixed case, greater than 8 characters) against a secret in non-secure storage, and high security is attributed to a fingerprint authentication or strong password against a secret in secure storage such as a smart card. Generally, any number of trust categories can be assigned among any authentication processes.
  • [0047]
    Envelope 120 may comprise metrics related to measures of individual aspects of an authentication process. That is, envelope 120 may comprise some or all of the following optional fields: (1) Enrollment Trust Metric 160, (2) Storage Trust Metric 170, (3) Transmission Trust Metric 180, and (4) Authentication Trust Metric 190.
  • [0048]
    Enrollment Trust Metric 160 indicates a degree of confidence in security of an enrollment or personalization process under which a secret was issued to an authenticating party. Enrollment trust metric 160 can be defined according to specifics of the application employed. In a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. In one embodiment, a low confidence enrollment trust metric is assigned to self-enrollment where little or no manual verification of user identity is carried out; a medium confidence enrollment trust metric is assigned to online verification using a “weak secret” such as a credit card number, which may be independently verified to match the enrollee's name by the credit card issuer; and a high confidence enrollment trust metric is assigned in an enrollment situation where the user's identity is verified—using trusted documents such as a passport, driver's license, or the like—by a human being who works for the enrollment agency or represents another predetermined organization.
  • [0049]
    Storage Trust Metric 170 indicates a degree of confidence in the security of a method of storage used to store a secret. Storage Trust Metric 170 can be defined according to the specifics of the application employed. In a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. Here, in one embodiment, a storage trust metric indicating a low confidence level is assigned to storage of a secret in unencrypted form on a hard disk or FLASH memory of a PC or other computing device; a storage trust metric indicating a medium confidence level is assigned to storage of a secret in encrypted form on a hard drive or FLASH memory of a PC or other computing device and protected with a PIN or password; and a storage trust metric indicating a high confidence level is assigned to storage of a secret in secure storage, such as that of a smart card, and protected with a PIN or password.
  • [0050]
    Transmission Trust Metric 180 indicates a degree of confidence in security of a method of transmission, if any, of a secret. This Transmission Trust Metric can be defined according to specifics of the application employed, but in a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. In one embodiment, a transmission trust metric indicating a low confidence level is assigned to a transmission of a secret in unencrypted form via the internet or local computer network; a transmission trust metric indicating a medium confidence level is assigned to transmission of a secret in encrypted form using SSL or TLS (as known in the art and described further in Dierks, T., and Allen, C., “The TLS Protocol Version 1.0,” RFC 2246, January 1999, hereby incorporated by reference) or other common standard of network encryption; and a transmission trust metric indicating a high confidence level applies to transmission of a secret via armored car using a certified carrier such as, for example, Brink's@, Inc.
  • [0051]
    Authentication Trust Metric 190 indicates a degree of confidence in the security of a method of authentication for a particular transaction. Authentication Trust Metric 190 can be defined according to specifics of the application employed, but in a preferred embodiment, there are three possible values corresponding to low, medium, and high confidence. Accordingly, in one embodiment, an authentication trust metric indicating a low confidence level is assigned to authentication using a PIN or password (“something you know”); an authentication trust metric indicating a medium confidence level is assigned to authentication using a physical token such as a PKCS-11 standard device or smart card (“something you have”); and an authentication trust metric indicating a high confidence level is assigned authentication requiring use of a biometric such as fingerprint, voiceprint, or face recognition (“something you are”).
  • [0052]
    In other embodiments, greater or fewer trust levels are provided. In still other embodiments a continuous range of trust metric values is provided. In some embodiments, more than one type of procedure, device, or method may be assigned an identical trust metric value. For example, in some embodiments both encrypted and unencrypted storage of a secret on a hard disk receive a trust metric indicating a low trust level, while secure storage of a secret—for example on a smart card protected with a PIN—receives a trust metric indicating a high trust level. Although in preferred embodiments, trust metrics provide an indication of security based on measurable risk factors, in other embodiments trust metric values are not constrained by theoretical security weaknesses. For example, a particular storage method or enrollment procedure may be assigned a stronger or weaker trust metric based on a preferred or encouraged method for performing those functions.
  • [0053]
    Seal 130 of transaction confidence token 100 is a string of bytes containing a digital signature of envelope 120, signed in a preferred embodiment with the private key of the authenticating party or system.
  • [0054]
    In a preferred embodiment, envelope 120 and seal 130 are constructed according to PKCS #7—for a detailed description of the standard, see, for example RSA Laboratories. PKCS #7: Cryptographic Message Syntax Standard. Version 1.5, November 1993, hereby incorporated by reference. Using that standard's signed-data content type such that envelope 120 is embodied in a content information (contentInfo) field and seal 130 is embodied in a signer information (signerInfos) field. Note that PKCS #7 also allows for the recursion of transaction information field 140 of envelope 120 in a transaction confidence token.
  • [0055]
    In another embodiment, envelope 120 and seal 130 are constructed according to the XML Signature Syntax and Processing Recommendation—for a detailed description of the standard see, for example Eastlake 3rd, D., Reagle, J., and Solo, D., “(Extensible Markup Language) XML-Signature Syntax and Processing,” RFC 3275, March 2002, incorporated herein by reference.
  • [0056]
    Other encodings or structures of a transaction confidence token are also possible.
  • [0057]
    The present invention further provides systems and methods for using a transaction confidence token. For example, when a requester (client) or server initiates a transaction requiring authentication, such as in step 200 in FIG. 2, server 210 requests the authentication and an associated transaction confidence token. In other embodiments, no specific request is made by server 210. During the course of the transaction Requester 220 allows access to a secret, step 230, such as a private encryption key using an authentication method, such as a biometric match. Numerous devices and methods exist for securing a secret, including those described in U.S. application Ser. No. ______, filed ______, entitled “Secure Network And Networked Devices Using Biometrics” (Attorney Docket No. A-70595/RMA/JML), incorporated herein by reference. Requester 220 generates, step 240, contents of a requested transaction, such as the quantity and SKUs of item(s) to be purchased, in a form suitable to be encoded in the transaction confidence token's transaction contents, or transaction information field, such as transaction information 140 in token 100 depicted in FIG. 1.
  • [0058]
    Requester 220 determines at least one trust metric, step 250, as described above and encodes at least one trust metric in the transaction confidence token. Requester 220 signs the transaction confidence token in step 260. Server 210 receives a transaction confidence token associated with a transaction request in step 270. Server 210 then adjusts its confidence level, in the transaction, step 280, based on whether the signature is valid and takes action appropriate to the confidence level, completing the transaction in step 290.
  • [0059]
    The present invention further provides methods for a server to act on a transaction confidence token. FIG. 3 provides a schematic overview of an embodiment of such a method according to the present invention. A server receives a transaction confidence token, step 300, and verifies the signature of the transaction confidence token, step 310, using, for example, the public key of the originator of the transaction confidence token. If the signature verification fails, indicating that the transaction confidence token was not created by the purported originating party, had been altered after its creation, or otherwise is invalid, then the system may then discard the token, step 320, and assume no confidence in the authenticity of the associated transaction. In a preferred embodiment, a transaction confidence token with an invalid signature is discarded and the associated transaction request is discarded or rolled back according to appropriate exception handling practice for the application employing methods of the present invention.
  • [0060]
    If the signature verification succeeds, then the server determines its confidence in the transaction, step 330, calculated from one or more trust metric fields in the transaction confidence token.
  • [0061]
    If another Server or plurality of Servers are to participate in the transaction, step 340, the original receiving server may construct a new transaction confidence token, and embed the current transaction confidence token, optionally asserting its own degree of confidence in the transaction, step 350. The server then transmits, step 360, a new transaction confidence token (comprising embedded first transaction confidence token) to other participating Server(s), step 370.
  • [0062]
    The Server may then do its own processing of the transaction request employing the confidence it has determined, step 370. For example, if a trust metric within the transaction confidence token indicates or exceeds a predetermined sufficient trust level, the server processes the transaction. However, in one embodiment, if a trust metric does not indicate a minimum sufficient trust level, the server rejects the transaction. If a trust metric indicates a minimum sufficient trust level but less than a sufficient trust level, the server may require a mitigating factor. For example, the server may require an additional authentication procedure, a fee, or a waiting period in an effort to mitigate risk associated with a predetermined range of trust metric values.
  • [0063]
    Although embodiments of the present invention discussed above generally refer to ‘confidence levels’ or ‘trust levels’ with increasing trust metric values associated with increasing trust or confidence in a transaction, in other embodiments, trust metrics are assigned and evaluated with respect to risk. That is, risk is generally the opposite of trust and trust metrics may be assigned such that increasing trust metric values corresponding to an increasing risk associated with a transaction. In these embodiments, less secure situations would receive a higher trust metric value. For example, in some embodiments of the present invention, a confidence level between 0.0 and 1.0 is calculated. A corresponding risk level in this embodiment is given generally by 1—(confidence level).
  • [0064]
    That is, in another embodiment, if a trust metric within the transaction confidence token indicates or exceeds a predetermined maximum risk level, the risk is determined to be too great, and the server the server rejects the transaction. However, if a trust metric indicates less than a maximum risk level but greater than an acceptable risk level, the server may require a mitigating factor before processing the transaction. For example, the server may require an additional authentication procedure, a fee, or a waiting period in an effort to mitigate risk associated with a predetermined range of trust metric values. If a trust metric indicates less than an acceptable risk level, the server will process the transaction.
  • [0065]
    Having described several methods and procedures, it will be appreciated that the invention may advantageously implement the methods and procedures described herein on a general purpose or special purpose computing device, such as a device having a processor for executing computer program code instructions and a memory coupled to the processor for storing data and/or commands. It will be appreciated that the computing device may be a single computer or a plurality of networked computers and that the several procedures associated with implementing the methods and procedures described herein may be implemented on one or a plurality of computing devices. In some embodiments the inventive procedures and methods are implemented on standard server-client network infrastructures with the inventive features added on top of such infrastructure or compatible therewith.
  • [0066]
    The foregoing descriptions of specific embodiments and best mode of the present invention have been presented for purposes of illustration and description. They are not intended to be exhaustive or to limit the invention to the precise forms disclosed, and obviously many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and its practical application, to thereby enable others skilled in the art to best utilize the invention and various embodiments with various modifications as are suited to the particular use contemplated. It is intended that the scope of the invention be defined by the claims appended hereto and their equivalents.

Claims (19)

    We claim:
  1. 1. A transaction confidence token for use in a secure communication system, said token comprising:
    an envelope comprising
    transaction information; and
    a trust metric; and
    a seal comprising a digital signature of said envelope.
  2. 2. A token according to claim 1, wherein said envelope further comprises a time stamp.
  3. 3. A token according to claim 1, wherein said transaction information includes information selected from the group consisting of a web site address, a web session identifier, a monetary or exchange value, an order number, an SKU number, and a credit card number, and combinations thereof.
  4. 4. A token according to claim 1, wherein said trust metric is an overall trust metric indicating a combined confidence level for enrollment, storage, transmission, and authentication processes employed for authentication of a transaction.
  5. 5. A token according to claim 1, wherein said trust metric comprises a storage trust metric indicating a confidence level for a storage process associated with authentication of a transaction.
  6. 6. A token according to claim 1, wherein said trust metric comprises a transmission trust metric indicating a confidence level for a transmission process associated with authentication of a transaction.
  7. 7. A token according to claim 1, wherein said trust metric comprises an authentication trust metric indicating a confidence level for an authentication process associated with authentication of a transaction.
  8. 8. A token according to claim 1, wherein said trust metric comprises an enrollment trust metric indicating a confidence level for an enrollment process associated with authentication of a transaction.
  9. 9. A token according to claim 1, wherein said trust metric comprises an overall trust metric and said envelope further comprises at least one metric chosen from the group consisting of an enrollment trust metric, a storage trust metric, a transmission trust metric, an authentication trust metric, and combinations thereof.
  10. 10. A token according to claim 1, wherein said digital signature is signed with a private key.
  11. 11. A method for assuring a secure transaction comprising:
    receiving a transaction confidence token comprising a trust metric associated with said transaction;
    determining if said trust metric indicates a sufficient trust level; and
    processing said transaction if said trust metric indicates or exceeds said sufficient trust level.
  12. 11. A method according to claim 10, further comprising:
    requiring a mitigating factor if said trust metric indicates less than said sufficient trust level.
  13. 12. A method according to claim 11, wherein said mitigating factor is chosen based on said trust metric.
  14. 13. A method according to claim 11, wherein said mitigating factor is chosen from the group consisting of a fee, a waiting period, an authentication procedure, and combinations thereof.
  15. 14. A method according to claim 11, further comprising:
    processing said transaction after receiving said mitigating factor.
  16. 15. A method according to claim 10, further comprising:
    constructing a transaction confidence token comprising said trust metric; and
    transmitting said transaction confidence token to a server.
  17. 16. A method for assuring a secure transaction comprising:
    receiving a transaction confidence token comprising a trust metric associated with said transaction;
    determining if said trust metric indicates an acceptable risk level; and
    processing said transaction if said trust metric indicates or is less than said acceptable risk level.
  18. 17. A method according to claim 16, further comprising:
    requiring a mitigating factor if said trust metric indicates greater than said acceptable risk level.
  19. 18. A method according to claim 17, further comprising:
    processing said transaction after receiving said mitigating factor.
US10194959 2001-07-12 2002-07-12 Method and system for determining confidence in a digital transaction Abandoned US20030101348A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
US30512001 true 2001-07-12 2001-07-12
US9955402 true 2002-03-13 2002-03-13
US10099558 US20030021495A1 (en) 2001-07-12 2002-03-13 Fingerprint biometric capture device and method with integrated on-chip data buffering
US10194959 US20030101348A1 (en) 2001-07-12 2002-07-12 Method and system for determining confidence in a digital transaction

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US10194959 US20030101348A1 (en) 2001-07-12 2002-07-12 Method and system for determining confidence in a digital transaction

Related Parent Applications (2)

Application Number Title Priority Date Filing Date
US9955402 Continuation-In-Part 2002-03-13 2002-03-13
US10099558 Continuation-In-Part US20030021495A1 (en) 2001-07-12 2002-03-13 Fingerprint biometric capture device and method with integrated on-chip data buffering

Publications (1)

Publication Number Publication Date
US20030101348A1 true true US20030101348A1 (en) 2003-05-29

Family

ID=27378853

Family Applications (5)

Application Number Title Priority Date Filing Date
US10194994 Active 2024-09-28 US7197168B2 (en) 2001-07-12 2002-07-12 Method and system for biometric image assembly from multiple partial biometric frame scans
US10194949 Abandoned US20030115490A1 (en) 2001-07-12 2002-07-12 Secure network and networked devices using biometrics
US10194444 Abandoned US20030115475A1 (en) 2001-07-12 2002-07-12 Biometrically enhanced digital certificates and system and method for making and using
US10194959 Abandoned US20030101348A1 (en) 2001-07-12 2002-07-12 Method and system for determining confidence in a digital transaction
US11707624 Active 2023-05-03 US7751595B2 (en) 2001-07-12 2007-02-16 Method and system for biometric image assembly from multiple partial biometric frame scans

Family Applications Before (3)

Application Number Title Priority Date Filing Date
US10194994 Active 2024-09-28 US7197168B2 (en) 2001-07-12 2002-07-12 Method and system for biometric image assembly from multiple partial biometric frame scans
US10194949 Abandoned US20030115490A1 (en) 2001-07-12 2002-07-12 Secure network and networked devices using biometrics
US10194444 Abandoned US20030115475A1 (en) 2001-07-12 2002-07-12 Biometrically enhanced digital certificates and system and method for making and using

Family Applications After (1)

Application Number Title Priority Date Filing Date
US11707624 Active 2023-05-03 US7751595B2 (en) 2001-07-12 2007-02-16 Method and system for biometric image assembly from multiple partial biometric frame scans

Country Status (4)

Country Link
US (5) US7197168B2 (en)
EP (1) EP1573426A4 (en)
JP (1) JP2005531935A (en)
WO (3) WO2003007121B1 (en)

Cited By (57)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030115490A1 (en) * 2001-07-12 2003-06-19 Russo Anthony P. Secure network and networked devices using biometrics
US20050015596A1 (en) * 2002-07-19 2005-01-20 Bowers Charles R. Method and apparatus for managing confidential information
US20050273442A1 (en) * 2004-05-21 2005-12-08 Naftali Bennett System and method of fraud reduction
DE102004046153A1 (en) * 2004-09-23 2006-04-06 Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V. Network e.g. Internet, subscriber`s e.g. mobile telephone, digital reputation determining method, involves determining reputation of subscriber of network by central server based on token issued by service provider to subscriber
US20060242691A1 (en) * 2002-10-24 2006-10-26 Gisela Meister Method for carrying out a secure electronic transaction using a portable data support
WO2006126183A2 (en) * 2005-05-27 2006-11-30 Nice Systems Ltd. Method and apparatus for fraud detection
US20060277092A1 (en) * 2005-06-03 2006-12-07 Credigy Technologies, Inc. System and method for a peer to peer exchange of consumer information
US20070006163A1 (en) * 2005-07-01 2007-01-04 Aoki Norihiro E Method and apparatus for authenticating usage of an application
US20070080778A1 (en) * 2005-10-11 2007-04-12 Newfrey Llc Door lock with protected biometric sensor
US20070130070A1 (en) * 2005-12-02 2007-06-07 Credigy Technologies, Inc. System and method for an anonymous exchange of private data
US20070162377A1 (en) * 2005-12-23 2007-07-12 Credigy Technologies, Inc. System and method for an online exchange of private data
US20070288759A1 (en) * 2003-05-22 2007-12-13 Wood Richard G Methods of registration for programs using verification processes with biometrics for fraud management and enhanced security protection
US20080263662A1 (en) * 2005-05-06 2008-10-23 Pau-Chen Cheng System and method for fuzzy multi-level security
US20090178129A1 (en) * 2008-01-04 2009-07-09 Microsoft Corporation Selective authorization based on authentication input attributes
US20090241173A1 (en) * 2008-03-19 2009-09-24 Websense, Inc. Method and system for protection against information stealing software
US20100017845A1 (en) * 2008-07-18 2010-01-21 Microsoft Corporation Differentiated authentication for compartmentalized computing resources
US20100088509A1 (en) * 2002-08-15 2010-04-08 Louis Joseph Fedronic Dominique System and method for sequentially processing a biometric sample
US20110099112A1 (en) * 2007-08-31 2011-04-28 Mages Kenneth G Apparatus and method for conducting securing financial transactions
US20130047215A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and apparatus for token-based reassignment of privileges
US20130047251A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and Apparatus for Token-Based Context Caching
US20130047248A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Apparatus and Method for Determining Subject Assurance Level
US20130047201A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Apparatus and Method for Expert Decisioning
US20130047266A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and apparatus for token-based access of related resources
US20130047204A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Apparatus and Method for Determining Resource Trust Levels
US20130047262A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and Apparatus for Object Security Session Validation
US8421890B2 (en) 2010-01-15 2013-04-16 Picofield Technologies, Inc. Electronic imager using an impedance sensor grid array and method of making
US8539558B2 (en) 2011-08-15 2013-09-17 Bank Of America Corporation Method and apparatus for token-based token termination
US8572683B2 (en) 2011-08-15 2013-10-29 Bank Of America Corporation Method and apparatus for token-based re-authentication
US8572689B2 (en) 2011-08-15 2013-10-29 Bank Of America Corporation Apparatus and method for making access decision using exceptions
US8584202B2 (en) 2011-08-15 2013-11-12 Bank Of America Corporation Apparatus and method for determining environment integrity levels
US8631486B1 (en) * 2009-03-31 2014-01-14 Emc Corporation Adaptive identity classification
US8726339B2 (en) 2011-08-15 2014-05-13 Bank Of America Corporation Method and apparatus for emergency session validation
US8726361B2 (en) * 2011-08-15 2014-05-13 Bank Of America Corporation Method and apparatus for token-based attribute abstraction
US20140149747A1 (en) * 2002-07-19 2014-05-29 Charles R. Bowers Method and apparatus for managing confidential information
US8752124B2 (en) 2011-08-15 2014-06-10 Bank Of America Corporation Apparatus and method for performing real-time authentication using subject token combinations
US8752157B2 (en) 2011-08-15 2014-06-10 Bank Of America Corporation Method and apparatus for third party session validation
US8789143B2 (en) * 2011-08-15 2014-07-22 Bank Of America Corporation Method and apparatus for token-based conditioning
US8789162B2 (en) * 2011-08-15 2014-07-22 Bank Of America Corporation Method and apparatus for making token-based access decisions
US8791792B2 (en) 2010-01-15 2014-07-29 Idex Asa Electronic imager using an impedance sensor grid array mounted on or about a switch and method of making
US8806602B2 (en) 2011-08-15 2014-08-12 Bank Of America Corporation Apparatus and method for performing end-to-end encryption
US8850515B2 (en) 2011-08-15 2014-09-30 Bank Of America Corporation Method and apparatus for subject recognition session validation
US8866347B2 (en) 2010-01-15 2014-10-21 Idex Asa Biometric image sensing
US8910290B2 (en) * 2011-08-15 2014-12-09 Bank Of America Corporation Method and apparatus for token-based transaction tagging
US20150032625A1 (en) * 2013-07-24 2015-01-29 Matthew Dill Systems and methods for communicating risk using token assurance data
US8996860B1 (en) * 2012-08-23 2015-03-31 Amazon Technologies, Inc. Tolerance factor-based secret decay
WO2015054697A1 (en) 2013-10-11 2015-04-16 Visa International Service Association Network token system
US9015842B2 (en) 2008-03-19 2015-04-21 Websense, Inc. Method and system for protection against information stealing software
US9038148B1 (en) 2012-08-23 2015-05-19 Amazon Technologies, Inc. Secret variation for network sessions
US9055053B2 (en) 2011-08-15 2015-06-09 Bank Of America Corporation Method and apparatus for token-based combining of risk ratings
US20150199554A1 (en) * 2014-01-15 2015-07-16 Motorola Mobility Llc Finger Print State Integration with Non-Application Processor Functions for Power Savings in an Electronic Device
US9203818B1 (en) 2012-08-23 2015-12-01 Amazon Technologies, Inc. Adaptive timeouts for security credentials
US9241259B2 (en) 2012-11-30 2016-01-19 Websense, Inc. Method and apparatus for managing the transfer of sensitive information to mobile devices
US9253197B2 (en) 2011-08-15 2016-02-02 Bank Of America Corporation Method and apparatus for token-based real-time risk updating
US9609001B2 (en) 2007-02-02 2017-03-28 Websense, Llc System and method for adding context to prevent data leakage over a computer network
US20170124356A1 (en) * 2015-10-30 2017-05-04 Mark A. Allyn Authenticity-assured data gathering apparatus and method
US9798917B2 (en) 2012-04-10 2017-10-24 Idex Asa Biometric sensing
US9940450B2 (en) * 2015-06-15 2018-04-10 Charles R. Bowers Method and apparatus for managing confidential information

Families Citing this family (294)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110187496A1 (en) * 2008-10-30 2011-08-04 Denison William D Electronic Access Control Device and Management System
US7054470B2 (en) * 1999-12-02 2006-05-30 International Business Machines Corporation System and method for distortion characterization in fingerprint and palm-print image sequences and using this distortion as a behavioral biometrics
US7128825B2 (en) * 2001-03-14 2006-10-31 Applied Materials, Inc. Method and composition for polishing a substrate
US7232514B2 (en) * 2001-03-14 2007-06-19 Applied Materials, Inc. Method and composition for polishing a substrate
US20060249394A1 (en) * 2005-05-05 2006-11-09 Applied Materials, Inc. Process and composition for electrochemical mechanical polishing
US20060249395A1 (en) * 2005-05-05 2006-11-09 Applied Material, Inc. Process and composition for electrochemical mechanical polishing
US7390429B2 (en) * 2003-06-06 2008-06-24 Applied Materials, Inc. Method and composition for electrochemical mechanical polishing processing
US7323416B2 (en) * 2001-03-14 2008-01-29 Applied Materials, Inc. Method and composition for polishing a substrate
US20070295611A1 (en) * 2001-12-21 2007-12-27 Liu Feng Q Method and composition for polishing a substrate
US6811680B2 (en) * 2001-03-14 2004-11-02 Applied Materials Inc. Planarization of substrates using electrochemical mechanical polishing
US20060169597A1 (en) * 2001-03-14 2006-08-03 Applied Materials, Inc. Method and composition for polishing a substrate
US7160432B2 (en) * 2001-03-14 2007-01-09 Applied Materials, Inc. Method and composition for polishing a substrate
US7582564B2 (en) * 2001-03-14 2009-09-01 Applied Materials, Inc. Process and composition for conductive material removal by electrochemical mechanical polishing
US7237117B2 (en) 2001-03-16 2007-06-26 Kenneth P. Weiss Universal secure registry
US7203347B2 (en) * 2001-06-27 2007-04-10 Activcard Ireland Limited Method and system for extracting an area of interest from within a swipe image of a biological surface
EP1293874A3 (en) * 2001-09-06 2006-08-02 Nippon Telegraph and Telephone Corporation Authentication method, authentication system, and authentication token
US8200980B1 (en) * 2001-09-21 2012-06-12 Open Invention Network, Llc System and method for enrolling in a biometric system
JP2003173430A (en) * 2001-09-28 2003-06-20 Sharp Corp Ic card, scramble releasing device, server device, physical characteristic reader, permitter determining method, permitter registering method, frequency managing method, permitter determining program, permittter registering program, and frequency managing program
US6899804B2 (en) * 2001-12-21 2005-05-31 Applied Materials, Inc. Electrolyte composition and treatment for electrolytic chemical mechanical polishing
JP4169185B2 (en) * 2002-02-25 2008-10-22 富士通株式会社 Image connection method, program and apparatus
US20040054913A1 (en) * 2002-02-28 2004-03-18 West Mark Brian System and method for attaching un-forgeable biometric data to digital identity tokens and certificates, and validating the attached biometric data while validating digital identity tokens and certificates
JP4187451B2 (en) * 2002-03-15 2008-11-26 松下電器産業株式会社 Personal authentication device and the mobile terminal device
CN1286055C (en) * 2002-05-24 2006-11-22 欧姆龙株式会社 Face checking device and life information checking device
US7274807B2 (en) * 2002-05-30 2007-09-25 Activcard Ireland Limited Method and apparatus for supporting a biometric registration performed on a card
JP4563662B2 (en) * 2002-07-17 2010-10-13 パナソニック株式会社 Recording medium unauthorized use prevention system
EP1529367A4 (en) 2002-08-06 2011-08-03 Privaris Inc Methods for secure enrollment and backup of personal identity credentials into electronic devices
US20040034784A1 (en) * 2002-08-15 2004-02-19 Fedronic Dominique Louis Joseph System and method to facilitate separate cardholder and system access to resources controlled by a smart card
US20040104807A1 (en) * 2002-10-16 2004-06-03 Frank Ko Networked fingerprint authentication system and method
CN1757188A (en) * 2002-11-06 2006-04-05 国际商业机器公司 Confidential data sharing and anonymous entity resolution
US7046234B2 (en) * 2002-11-21 2006-05-16 Bloomberg Lp Computer keyboard with processor for audio and telephony functions
US7571472B2 (en) * 2002-12-30 2009-08-04 American Express Travel Related Services Company, Inc. Methods and apparatus for credential validation
US7228011B1 (en) * 2003-02-28 2007-06-05 L-I Identity Solutions, Inc. System and method for issuing a security unit after determining eligibility by image recognition
US20050008148A1 (en) * 2003-04-02 2005-01-13 Dov Jacobson Mouse performance identification
EP1619622B1 (en) * 2003-04-25 2009-11-25 Fujitsu Limited Fingerprint matching device, fingerprint matching method, and fingerprint matching program
JP2005004718A (en) * 2003-05-16 2005-01-06 Canon Inc Signal processor and controlling method
US7925887B2 (en) * 2003-05-19 2011-04-12 Intellirad Solutions Pty Ltd. Multi-parameter biometric authentication
US7200250B2 (en) * 2003-05-20 2007-04-03 Lightuning Tech, Inc. Sweep-type fingerprint sensor module
EP1629624B1 (en) 2003-05-30 2013-03-20 Privaris, Inc. An in-curcuit security system and methods for controlling access to and use of sensitive data
WO2004114190A1 (en) 2003-06-16 2004-12-29 Uru Technology Incorporated Method and system for creating and operating biometrically enabled multi-purpose credential management devices
US7474772B2 (en) * 2003-06-25 2009-01-06 Atrua Technologies, Inc. System and method for a miniature user input device
US20050179657A1 (en) * 2004-02-12 2005-08-18 Atrua Technologies, Inc. System and method of emulating mouse operations using finger image sensors
US20050039016A1 (en) * 2003-08-12 2005-02-17 Selim Aissi Method for using trusted, hardware-based identity credentials in runtime package signature to secure mobile communications and high-value transaction execution
US20050044388A1 (en) * 2003-08-19 2005-02-24 Brant Gary E. Reprise encryption system for digital data
US7587072B2 (en) * 2003-08-22 2009-09-08 Authentec, Inc. System for and method of generating rotational inputs
US20050047631A1 (en) * 2003-08-26 2005-03-03 Cross Match Technologies, Inc. Method and apparatus for rolled fingerprint image capture with variable blending
DE10339743B4 (en) * 2003-08-28 2007-08-02 Infineon Technologies Ag A method of comparing a test fingerprint with a stored reference fingerprint and for performing the method suitable device
US7915601B2 (en) * 2003-09-05 2011-03-29 Authentec, Inc. Electronic device including optical dispersion finger sensor and associated methods
US7351974B2 (en) * 2003-09-05 2008-04-01 Authentec, Inc. Integrated circuit infrared sensor and associated methods
EP1678655B1 (en) * 2003-09-24 2008-11-12 Authentec, Inc. Finger biometric sensor with sensor electronics distributed over thin film and monocrystalline substrates and related methods
US7787667B2 (en) * 2003-10-01 2010-08-31 Authentec, Inc. Spot-based finger biometric processing method and associated sensor
WO2005034021A1 (en) * 2003-10-01 2005-04-14 Authentec, Inc. Methods for finger biometric processing and associated finger biometric sensors
US7599530B2 (en) * 2003-10-01 2009-10-06 Authentec, Inc. Methods for matching ridge orientation characteristic maps and associated finger biometric sensor
GB0407160D0 (en) * 2003-10-30 2004-05-05 Ritech Internat Ltd Biometric parameters protected portable data storage device
JP3924558B2 (en) * 2003-11-17 2007-06-06 富士通株式会社 Biological information collection device
US7526109B2 (en) * 2003-11-26 2009-04-28 Microsoft Corporation Fingerprint scanner with translating scan head
US7403644B2 (en) * 2003-11-26 2008-07-22 Microsoft Corporation Fingerprint scanner with translating platen
US7447911B2 (en) * 2003-11-28 2008-11-04 Lightuning Tech. Inc. Electronic identification key with portable application programs and identified by biometrics authentication
JP2005166049A (en) * 2003-12-02 2005-06-23 ▲きん▼創科技股▲ふん▼有限公司 Memory storage device having fingerprint sensor, and method for protecting data stored therein
FR2864289B1 (en) * 2003-12-17 2007-02-02 Bouygues Telecom Sa biometric access control using a mobile telephony terminal
US7697729B2 (en) * 2004-01-29 2010-04-13 Authentec, Inc. System for and method of finger initiated actions
JP4454335B2 (en) * 2004-02-12 2010-04-21 Necインフロンティア株式会社 Fingerprint input device
US7548981B1 (en) * 2004-03-03 2009-06-16 Sprint Spectrum L.P. Biometric authentication over wireless wide-area networks
US7336841B2 (en) * 2004-03-25 2008-02-26 Intel Corporation Fingerprinting digital video for rights management in networks
US20050246763A1 (en) * 2004-03-25 2005-11-03 National University Of Ireland Secure digital content reproduction using biometrically derived hybrid encryption techniques
JP4462988B2 (en) * 2004-04-13 2010-05-12 Necインフロンティア株式会社 Fingerprint reading method and a fingerprint reading system
US8358815B2 (en) * 2004-04-16 2013-01-22 Validity Sensors, Inc. Method and apparatus for two-dimensional finger motion tracking and control
US8175345B2 (en) 2004-04-16 2012-05-08 Validity Sensors, Inc. Unitized ergonomic two-dimensional fingerprint motion tracking device and method
US8229184B2 (en) * 2004-04-16 2012-07-24 Validity Sensors, Inc. Method and algorithm for accurate finger motion tracking
US8131026B2 (en) * 2004-04-16 2012-03-06 Validity Sensors, Inc. Method and apparatus for fingerprint image reconstruction
US7194116B2 (en) * 2004-04-23 2007-03-20 Sony Corporation Fingerprint image reconstruction based on motion estimate across a narrow fingerprint sensor
WO2005109321A1 (en) * 2004-04-23 2005-11-17 Sony Corporation System for fingerprint image reconstruction based on motion estimate across a narrow fingerprint sensor
US7212658B2 (en) * 2004-04-23 2007-05-01 Sony Corporation System for fingerprint image reconstruction based on motion estimate across a narrow fingerprint sensor
US8077935B2 (en) 2004-04-23 2011-12-13 Validity Sensors, Inc. Methods and apparatus for acquiring a swiped fingerprint image
US20050249388A1 (en) * 2004-05-07 2005-11-10 Linares Miguel A Three-dimensional fingerprint identification system
US7542590B1 (en) 2004-05-07 2009-06-02 Yt Acquisition Corporation System and method for upgrading biometric data
US20050255840A1 (en) * 2004-05-13 2005-11-17 Markham Thomas R Authenticating wireless phone system
US8156548B2 (en) * 2004-05-20 2012-04-10 Future Internet Security Ip Pty Ltd. Identification and authentication system and method
US9286457B2 (en) 2004-06-14 2016-03-15 Rodney Beatson Method and system for providing password-free, hardware-rooted, ASIC-based authentication of a human to a mobile device using biometrics with a protected, local template to release trusted credentials to relying parties
US20050276454A1 (en) * 2004-06-14 2005-12-15 Rodney Beatson System and methods for transforming biometric image data to a consistent angle of inclination
US8842887B2 (en) * 2004-06-14 2014-09-23 Rodney Beatson Method and system for combining a PIN and a biometric sample to provide template encryption and a trusted stand-alone computing device
US20080201299A1 (en) * 2004-06-30 2008-08-21 Nokia Corporation Method and System for Managing Metadata
JP4411152B2 (en) * 2004-07-05 2010-02-10 Necインフロンティア株式会社 Fingerprint reading method, a fingerprint reading system and program
US20060041507A1 (en) * 2004-08-13 2006-02-23 Sbc Knowledge Ventures L.P. Pluggable authentication for transaction tool management services
US20060034497A1 (en) * 2004-08-15 2006-02-16 Michael Manansala Protometric authentication system
US8380125B2 (en) * 2004-09-01 2013-02-19 Kyocera Corporation Systems and methods for bluetooth resource conservation
JP4553379B2 (en) * 2004-09-10 2010-09-29 キヤノン株式会社 Data reproducing apparatus and a control method thereof, computer program
US20060078178A1 (en) * 2004-09-18 2006-04-13 Will Shatford Swipe sensor
JP4339221B2 (en) * 2004-09-30 2009-10-07 Necインフロンティア株式会社 Image construction method, fingerprint image construction apparatus, and program
US7751601B2 (en) 2004-10-04 2010-07-06 Validity Sensors, Inc. Fingerprint sensing assemblies and methods of making
US7280679B2 (en) 2004-10-08 2007-10-09 Atrua Technologies, Inc. System for and method of determining pressure on a finger sensor
JP4340618B2 (en) * 2004-10-08 2009-10-07 富士通株式会社 Biometric information authentication device and method, and biometric information authentication program and the biometric information recorded computer-readable recording medium authentication program
US7693314B2 (en) * 2004-10-13 2010-04-06 Authentec, Inc. Finger sensing device for navigation and related methods
US20060200487A1 (en) * 2004-10-29 2006-09-07 The Go Daddy Group, Inc. Domain name related reputation and secure certificates
US8117339B2 (en) * 2004-10-29 2012-02-14 Go Daddy Operating Company, LLC Tracking domain name related reputation
US20080028443A1 (en) * 2004-10-29 2008-01-31 The Go Daddy Group, Inc. Domain name related reputation and secure certificates
US9015263B2 (en) 2004-10-29 2015-04-21 Go Daddy Operating Company, LLC Domain name searching with reputation rating
US8904040B2 (en) * 2004-10-29 2014-12-02 Go Daddy Operating Company, LLC Digital identity validation
US20080028100A1 (en) * 2004-10-29 2008-01-31 The Go Daddy Group, Inc. Tracking domain name related reputation
US7797413B2 (en) * 2004-10-29 2010-09-14 The Go Daddy Group, Inc. Digital identity registration
US20060095404A1 (en) * 2004-10-29 2006-05-04 The Go Daddy Group, Inc Presenting search engine results based on domain name related reputation
US20060095459A1 (en) * 2004-10-29 2006-05-04 Warren Adelman Publishing domain name related reputation in whois records
US20080022013A1 (en) * 2004-10-29 2008-01-24 The Go Daddy Group, Inc. Publishing domain name related reputation in whois records
US20070208940A1 (en) * 2004-10-29 2007-09-06 The Go Daddy Group, Inc. Digital identity related reputation tracking and publishing
US20090248623A1 (en) * 2007-05-09 2009-10-01 The Go Daddy Group, Inc. Accessing digital identity related reputation data
US20060104484A1 (en) * 2004-11-16 2006-05-18 Bolle Rudolf M Fingerprint biometric machine representations based on triangles
US20060181521A1 (en) * 2005-02-14 2006-08-17 Atrua Technologies, Inc. Systems for dynamically illuminating touch sensors
FR2878632B1 (en) * 2004-12-01 2007-02-09 Sagem Method for identifying an individual from image fragments
JP2006189999A (en) * 2005-01-04 2006-07-20 Fujitsu Ltd Security management method, program, and information apparatus
US7461266B2 (en) * 2005-01-19 2008-12-02 Egis Technology Inc. Storage device and method for protecting data stored therein
US7831070B1 (en) 2005-02-18 2010-11-09 Authentec, Inc. Dynamic finger detection mechanism for a fingerprint sensor
US7899216B2 (en) * 2005-03-18 2011-03-01 Sanyo Electric Co., Ltd. Biometric information processing apparatus and biometric information processing method
EP1861807B1 (en) * 2005-03-24 2012-11-07 Privaris, Inc. Biometric identification device with smartcard capabilities
DE102005014794B4 (en) * 2005-03-31 2009-01-15 Advanced Micro Devices, Inc., Sunnyvale A method for testing a semiconductor sample having a plurality of samples
US8231056B2 (en) * 2005-04-08 2012-07-31 Authentec, Inc. System for and method of protecting an integrated circuit from over currents
CN1332346C (en) * 2005-05-26 2007-08-15 上海交通大学 Sliding fingerprint sequence seamless joint method of extension phase correlated
CN101185280A (en) * 2005-06-01 2008-05-21 皇家飞利浦电子股份有限公司 Compensating for acquisition noise in helper data systems
US20060282680A1 (en) * 2005-06-14 2006-12-14 Kuhlman Douglas A Method and apparatus for accessing digital data using biometric information
US7519829B2 (en) * 2005-06-17 2009-04-14 Egis Technology Inc. Storage device and method for protecting data stored therein
US7505613B2 (en) * 2005-07-12 2009-03-17 Atrua Technologies, Inc. System for and method of securing fingerprint biometric systems against fake-finger spoofing
US8049731B2 (en) * 2005-07-29 2011-11-01 Interlink Electronics, Inc. System and method for implementing a control function via a sensor having a touch sensitive control input surface
US20070061126A1 (en) * 2005-09-01 2007-03-15 Anthony Russo System for and method of emulating electronic input devices
JP4351201B2 (en) * 2005-09-16 2009-10-28 富士通株式会社 With fingerprint sensor portable device
US8090939B2 (en) * 2005-10-21 2012-01-03 Hewlett-Packard Development Company, L.P. Digital certificate that indicates a parameter of an associated cryptographic token
JP4771528B2 (en) * 2005-10-26 2011-09-14 キヤノン株式会社 Distributed processing system and distributed processing method
US7940249B2 (en) * 2005-11-01 2011-05-10 Authentec, Inc. Devices using a metal layer with an array of vias to reduce degradation
US7809211B2 (en) * 2005-11-17 2010-10-05 Upek, Inc. Image normalization for computed image construction
CN101341496B (en) * 2005-12-21 2012-05-30 皇家飞利浦电子股份有限公司 Biometric information detection using sweep-type imager
JP4547629B2 (en) * 2006-02-10 2010-09-22 ソニー株式会社 Registration apparatus, registration method and registration program
US8700902B2 (en) 2006-02-13 2014-04-15 At&T Intellectual Property I, L.P. Methods and apparatus to certify digital signatures
WO2007145687A8 (en) * 2006-02-21 2008-04-17 Kenneth P Weiss Method and apparatus for secure access payment and identification
US8234220B2 (en) * 2007-02-21 2012-07-31 Weiss Kenneth P Universal secure registry
US20070226514A1 (en) * 2006-03-24 2007-09-27 Atmel Corporation Secure biometric processing system and method of use
US20070237366A1 (en) * 2006-03-24 2007-10-11 Atmel Corporation Secure biometric processing system and method of use
US7849312B2 (en) * 2006-03-24 2010-12-07 Atmel Corporation Method and system for secure external TPM password generation and use
EP2214342B1 (en) 2006-04-07 2014-06-18 Huawei Technologies Co., Ltd. Method and system for implementing authentication on information security
US20070254485A1 (en) * 2006-04-28 2007-11-01 Daxin Mao Abrasive composition for electrochemical mechanical polishing
US7787697B2 (en) * 2006-06-09 2010-08-31 Sony Ericsson Mobile Communications Ab Identification of an object in media and of related media objects
US8180118B2 (en) * 2006-06-19 2012-05-15 Authentec, Inc. Finger sensing device with spoof reduction features and associated methods
US8081805B2 (en) * 2006-06-19 2011-12-20 Authentec, Inc. Finger sensing device with multiple correlators and associated methods
US7885436B2 (en) * 2006-07-13 2011-02-08 Authentec, Inc. System for and method of assigning confidence values to fingerprint minutiae points
US7978884B1 (en) * 2006-08-08 2011-07-12 Smsc Holdings S.A.R.L. Fingerprint sensor and interface
NL1032340C2 (en) * 2006-08-17 2008-02-25 Hieronymus Watse Wiersma System and method for digital signing of data files.
US7916908B1 (en) 2006-09-06 2011-03-29 SMSC Holdings S.à.r.l Fingerprint sensor and method of transmitting a sensor image to reduce data size and data rate
US8447077B2 (en) * 2006-09-11 2013-05-21 Validity Sensors, Inc. Method and apparatus for fingerprint motion tracking using an in-line array
US8165355B2 (en) * 2006-09-11 2012-04-24 Validity Sensors, Inc. Method and apparatus for fingerprint motion tracking using an in-line array for use in navigation applications
US8225096B2 (en) * 2006-10-27 2012-07-17 International Business Machines Corporation System, apparatus, method, and program product for authenticating communication partner using electronic certificate containing personal information
DE102007015320B4 (en) * 2006-11-03 2008-10-23 Basler Ag Camera for analyzing objects
US8204831B2 (en) * 2006-11-13 2012-06-19 International Business Machines Corporation Post-anonymous fuzzy comparisons without the use of pre-anonymization variants
WO2008074342A1 (en) 2006-12-19 2008-06-26 Telecom Italia S.P.A. Method and arrangement for secure user authentication based on a biometric data detection device
US8190908B2 (en) * 2006-12-20 2012-05-29 Spansion Llc Secure data verification via biometric input
US20080162943A1 (en) * 2006-12-28 2008-07-03 Ali Valiuddin Y Biometric security system and method
US8984280B2 (en) 2007-02-16 2015-03-17 Tibco Software Inc. Systems and methods for automating certification authority practices
US8880889B1 (en) * 2007-03-02 2014-11-04 Citigroup Global Markets, Inc. Systems and methods for remote authorization of financial transactions using public key infrastructure (PKI)
CN101790717B (en) * 2007-04-13 2014-07-16 阿维萨瑞公司 Machine vision system for enterprise management
EP1986161A1 (en) * 2007-04-27 2008-10-29 Italdata Ingegneria Dell'Idea S.p.A. Data survey device, integrated with a communication system, and related method
US8107212B2 (en) * 2007-04-30 2012-01-31 Validity Sensors, Inc. Apparatus and method for protecting fingerprint sensing circuitry from electrostatic discharge
US8290150B2 (en) * 2007-05-11 2012-10-16 Validity Sensors, Inc. Method and system for electronically securing an electronic device using physically unclonable functions
US20110002461A1 (en) * 2007-05-11 2011-01-06 Validity Sensors, Inc. Method and System for Electronically Securing an Electronic Biometric Device Using Physically Unclonable Functions
US20080288291A1 (en) * 2007-05-16 2008-11-20 Silver Springs - Martin Luther School Digital Signature, Electronic Record Software and Method
EP1993061B1 (en) * 2007-05-16 2011-05-04 Precise Biometrics AB Sequential image alignment
US9237018B2 (en) * 2007-07-05 2016-01-12 Honeywell International Inc. Multisystem biometric token
US20090021349A1 (en) * 2007-07-19 2009-01-22 Stephen Errico Method to record and authenticate a participant's biometric identification of an event via a network
US20090037742A1 (en) * 2007-07-31 2009-02-05 International Business Machines Corporation Biometric authentication device, system and method of biometric authentication
US8181031B2 (en) * 2007-08-01 2012-05-15 International Business Machines Corporation Biometric authentication device and system
JP2010541046A (en) * 2007-09-24 2010-12-24 アップル インコーポレイテッド An authentication system that was incorporated in an electronic device
JP4466707B2 (en) * 2007-09-27 2010-05-26 ミツミ電機株式会社 Finger contact detecting apparatus, a fingerprint reading apparatus using the method and the same finger contact detecting, fingerprint reading method
US8276816B2 (en) * 2007-12-14 2012-10-02 Validity Sensors, Inc. Smart card system with ergonomic fingerprint sensor and method of using
US8204281B2 (en) * 2007-12-14 2012-06-19 Validity Sensors, Inc. System and method to remove artifacts from fingerprint sensor scans
JP2009146266A (en) * 2007-12-17 2009-07-02 Fujitsu Ltd Electronic apparatus
US9361440B2 (en) 2007-12-21 2016-06-07 Apple Inc. Secure off-chip processing such as for biometric data
FR2925732B1 (en) * 2007-12-21 2010-02-12 Sagem Securite Generation and use of a biometric key
US20090164796A1 (en) * 2007-12-21 2009-06-25 Daon Holdings Limited Anonymous biometric tokens
WO2009080089A1 (en) 2007-12-24 2009-07-02 Telecom Italia S.P.A. Biometrics based identification
US8149089B2 (en) * 2007-12-25 2012-04-03 Htc Corporation Method for unlocking a locked computing device and computing device thereof
US9785330B1 (en) 2008-02-13 2017-10-10 Apple Inc. Systems for and methods of providing inertial scrolling and navigation using a fingerprint sensor calculating swiping speed and length
US7653577B2 (en) 2008-02-19 2010-01-26 The Go Daddy Group, Inc. Validating e-commerce transactions
US20110021182A1 (en) * 2008-03-18 2011-01-27 Hengxi Huan Method and apparatus for automatically handling missed calls in a communication terminal
US20090243794A1 (en) * 2008-03-24 2009-10-01 Neil Morrow Camera modules communicating with computer systems
US8005276B2 (en) * 2008-04-04 2011-08-23 Validity Sensors, Inc. Apparatus and method for reducing parasitic capacitive coupling and noise in fingerprint sensing circuits
US8116540B2 (en) * 2008-04-04 2012-02-14 Validity Sensors, Inc. Apparatus and method for reducing noise in fingerprint sensing circuits
US20110032206A1 (en) * 2008-04-24 2011-02-10 Kyocera Corporation Mobile electronic device
US20090279745A1 (en) * 2008-05-08 2009-11-12 Sonavation, Inc. Method and System for Image Resolution Improvement of Biometric Digit Imprint Sensors Using Staggered Rows
US8503740B2 (en) * 2008-05-12 2013-08-06 Sonavation, Inc. Methods and apparatus for digit swipe sensor data streaming
WO2010000276A1 (en) * 2008-06-30 2010-01-07 Telecom Italia S.P.A. Method and system for communicating access authorization requests based on user personal identification as well as method and system for determining access authorizations
US20100329568A1 (en) * 2008-07-02 2010-12-30 C-True Ltd. Networked Face Recognition System
JP5040835B2 (en) * 2008-07-04 2012-10-03 富士通株式会社 Biometric information reading device, a biometric information reading method and the biometric information reading program
GB2474999B (en) * 2008-07-22 2013-02-20 Validity Sensors Inc System and method for securing a device component
JP5247295B2 (en) * 2008-08-13 2013-07-24 ラピスセミコンダクタ株式会社 Image processing method and image processing apparatus
JP5206218B2 (en) * 2008-08-20 2013-06-12 富士通株式会社 Fingerprint image acquiring device, a fingerprint authentication device, a fingerprint image acquiring method, and a fingerprint authentication method
US8296563B2 (en) * 2008-10-22 2012-10-23 Research In Motion Limited Method of handling a certification request
EP2180634B1 (en) 2008-10-22 2018-04-04 BlackBerry Limited Method of handling a certification request
US8471679B2 (en) * 2008-10-28 2013-06-25 Authentec, Inc. Electronic device including finger movement based musical tone generation and related methods
US8391568B2 (en) * 2008-11-10 2013-03-05 Validity Sensors, Inc. System and method for improved scanning of fingerprint edges
US8074880B2 (en) 2008-12-01 2011-12-13 Research In Motion Limited Method, system and mobile device employing enhanced fingerprint authentication
US20100153722A1 (en) * 2008-12-11 2010-06-17 International Business Machines Corporation Method and system to prove identity of owner of an avatar in virtual world
US9071440B2 (en) * 2008-12-22 2015-06-30 Google Technology Holdings LLC Method and system of authenticating the identity of a user of a public computer terminal
US20100161488A1 (en) 2008-12-22 2010-06-24 Paul Michael Evans Methods and systems for biometric verification
KR101390045B1 (en) * 2008-12-24 2014-04-30 에릭슨엘지엔터프라이즈 주식회사 Communication apparatus and controlling device thereof
US9059991B2 (en) 2008-12-31 2015-06-16 Bce Inc. System and method for unlocking a device
US8278946B2 (en) 2009-01-15 2012-10-02 Validity Sensors, Inc. Apparatus and method for detecting finger activity on a fingerprint sensor
US8600122B2 (en) * 2009-01-15 2013-12-03 Validity Sensors, Inc. Apparatus and method for culling substantially redundant data in fingerprint sensing circuits
US20100176892A1 (en) * 2009-01-15 2010-07-15 Validity Sensors, Inc. Ultra Low Power Oscillator
US20100180136A1 (en) * 2009-01-15 2010-07-15 Validity Sensors, Inc. Ultra Low Power Wake-On-Event Mode For Biometric Systems
US8374407B2 (en) 2009-01-28 2013-02-12 Validity Sensors, Inc. Live finger detection
US8301902B2 (en) * 2009-02-12 2012-10-30 International Business Machines Corporation System, method and program product for communicating a privacy policy associated with a biometric reference template
US8289135B2 (en) * 2009-02-12 2012-10-16 International Business Machines Corporation System, method and program product for associating a biometric reference template with a radio frequency identification tag
US8327134B2 (en) * 2009-02-12 2012-12-04 International Business Machines Corporation System, method and program product for checking revocation status of a biometric reference template
US8359475B2 (en) * 2009-02-12 2013-01-22 International Business Machines Corporation System, method and program product for generating a cancelable biometric reference template on demand
US9298902B2 (en) * 2009-02-12 2016-03-29 International Business Machines Corporation System, method and program product for recording creation of a cancelable biometric reference template in a biometric event journal record
US8242892B2 (en) * 2009-02-12 2012-08-14 International Business Machines Corporation System, method and program product for communicating a privacy policy associated with a radio frequency identification tag and associated object
US20100208953A1 (en) * 2009-02-17 2010-08-19 Validity Sensors, Inc. Illuminated Fingerprint Sensor and Method
US8255685B2 (en) * 2009-03-17 2012-08-28 Research In Motion Limited System and method for validating certificate issuance notification messages
US7690032B1 (en) 2009-05-22 2010-03-30 Daon Holdings Limited Method and system for confirming the identity of a user
US9400911B2 (en) 2009-10-30 2016-07-26 Synaptics Incorporated Fingerprint sensor and integratable electronic display
US9274553B2 (en) 2009-10-30 2016-03-01 Synaptics Incorporated Fingerprint sensor and integratable electronic display
US9336428B2 (en) 2009-10-30 2016-05-10 Synaptics Incorporated Integrated fingerprint sensor and display
US9832019B2 (en) * 2009-11-17 2017-11-28 Unho Choi Authentication in ubiquitous environment
US9666635B2 (en) 2010-02-19 2017-05-30 Synaptics Incorporated Fingerprint sensing circuit
US8716613B2 (en) * 2010-03-02 2014-05-06 Synaptics Incoporated Apparatus and method for electrostatic discharge protection
EP2386998A1 (en) * 2010-05-14 2011-11-16 Honda Research Institute Europe GmbH A Two-Stage Correlation Method for Correspondence Search
KR101198120B1 (en) * 2010-05-28 2012-11-12 남궁종 Iris information based 3-factor user authentication method for otp generation and secure two way authentication system of wireless communication device authentication using otp
US9001040B2 (en) 2010-06-02 2015-04-07 Synaptics Incorporated Integrated fingerprint sensor and navigation device
WO2012008885A1 (en) * 2010-07-12 2012-01-19 Fingerprint Cards Ab Biometric verification device and method
US8528072B2 (en) 2010-07-23 2013-09-03 Apple Inc. Method, apparatus and system for access mode control of a device
US9225510B1 (en) 2010-08-17 2015-12-29 Go Daddy Operating Company, LLC Website secure certificate status determination via partner browser plugin
US9225511B1 (en) 2010-08-17 2015-12-29 Go Daddy Operating Company, LLC Systems for determining website secure certificate status via partner browser plugin
US8331096B2 (en) 2010-08-20 2012-12-11 Validity Sensors, Inc. Fingerprint acquisition expansion card apparatus
US8613052B2 (en) 2010-09-17 2013-12-17 Universal Secure Registry, Llc Apparatus, system and method employing a wireless user-device
US20120092279A1 (en) 2010-10-18 2012-04-19 Qualcomm Mems Technologies, Inc. Touch sensor with force-actuated switched capacitor
KR101574968B1 (en) * 2010-11-01 2015-12-08 한국전자통신연구원 Portable sensor apparatus, and service system based on biometric Authentication including the same
US9122856B2 (en) * 2010-12-01 2015-09-01 Hid Global Corporation Updates of biometric access systems
US8996879B2 (en) * 2010-12-23 2015-03-31 Intel Corporation User identity attestation in mobile commerce
RU2453921C1 (en) * 2010-12-28 2012-06-20 Валерий Александрович Гуров System for remote control of transactions
US20130234826A1 (en) * 2011-01-13 2013-09-12 Nikon Corporation Electronic device and electronic device control program
US8594393B2 (en) 2011-01-26 2013-11-26 Validity Sensors System for and method of image reconstruction with dual line scanner using line counts
US8538097B2 (en) 2011-01-26 2013-09-17 Validity Sensors, Inc. User input utilizing dual line scanner apparatus and method
US9129107B2 (en) * 2011-02-10 2015-09-08 SecurenCrypt, LLC Document encryption and decryption
US9406580B2 (en) 2011-03-16 2016-08-02 Synaptics Incorporated Packaging for fingerprint sensors and methods of manufacture
US8638994B2 (en) 2011-04-21 2014-01-28 Authentec, Inc. Electronic device for collecting finger data and displaying a finger movement trace and related methods
US8527360B2 (en) 2011-04-29 2013-09-03 Daon Holdings Limited Methods and systems for conducting payment transactions
KR101284481B1 (en) * 2011-07-15 2013-07-16 아이리텍 잉크 Authentication method and device using OTP including biometric data
EP2748801A1 (en) * 2011-08-26 2014-07-02 Life Technologies Corporation Systems and methods for identifying an individual
US20150363586A1 (en) * 2011-08-26 2015-12-17 Life Technologies Corporation Systems and methods for identifying an individual
US8965069B2 (en) * 2011-09-30 2015-02-24 University Of Louisville Research Foundation, Inc. Three dimensional minutiae extraction in three dimensional scans
US20130197946A1 (en) * 2011-12-07 2013-08-01 Simon Hurry Multi purpose device
WO2013095434A1 (en) * 2011-12-21 2013-06-27 Intel Corporation Method for authentication using biometric data for mobile device e-commerce transactions
US9195877B2 (en) 2011-12-23 2015-11-24 Synaptics Incorporated Methods and devices for capacitive image sensing
US9785299B2 (en) 2012-01-03 2017-10-10 Synaptics Incorporated Structures and manufacturing methods for glass covered electronic devices
KR101443960B1 (en) * 2012-02-22 2014-11-03 주식회사 팬택 Electronic device and method for user identification
US9251329B2 (en) 2012-03-27 2016-02-02 Synaptics Incorporated Button depress wakeup and wakeup strategy
US9268991B2 (en) * 2012-03-27 2016-02-23 Synaptics Incorporated Method of and system for enrolling and matching biometric data
US9137438B2 (en) 2012-03-27 2015-09-15 Synaptics Incorporated Biometric object sensor and method
US9600709B2 (en) * 2012-03-28 2017-03-21 Synaptics Incorporated Methods and systems for enrolling biometric data
US9152838B2 (en) 2012-03-29 2015-10-06 Synaptics Incorporated Fingerprint sensor packagings and methods
US9024910B2 (en) 2012-04-23 2015-05-05 Qualcomm Mems Technologies, Inc. Touchscreen with bridged force-sensitive resistors
US9086847B2 (en) 2012-09-25 2015-07-21 Micro Mobio Corporation Personal cloud case cover with a plurality of modular capabilities
US20140089672A1 (en) * 2012-09-25 2014-03-27 Aliphcom Wearable device and method to generate biometric identifier for authentication using near-field communications
GB201219749D0 (en) 2012-11-02 2012-12-19 Zwipe As Fingerprint matching algorithm
GB201219750D0 (en) 2012-11-02 2012-12-19 Zwipe As Fingerprint enrolment algorithm
US9672339B2 (en) * 2012-12-12 2017-06-06 Intel Corporation Electro-biometric authentication
US9665762B2 (en) 2013-01-11 2017-05-30 Synaptics Incorporated Tiered wakeup strategy
US9378350B2 (en) * 2013-03-15 2016-06-28 Airwatch Llc Facial capture managing access to resources by a device
WO2017139537A1 (en) * 2016-02-11 2017-08-17 AMI Research & Development, LLC Fingerprint based smart phone user verification
US9754149B2 (en) 2013-04-01 2017-09-05 AMI Research & Development, LLC Fingerprint based smart phone user verification
US9189612B2 (en) * 2013-05-13 2015-11-17 Ira Konvalinka Biometric verification with improved privacy and network performance in client-server networks
US9323393B2 (en) 2013-06-03 2016-04-26 Qualcomm Incorporated Display with peripherally configured ultrasonic biometric sensor
US9178888B2 (en) 2013-06-14 2015-11-03 Go Daddy Operating Company, LLC Method for domain control validation
US9521138B2 (en) 2013-06-14 2016-12-13 Go Daddy Operating Company, LLC System for domain control validation
US9898642B2 (en) 2013-09-09 2018-02-20 Apple Inc. Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs
GB201317733D0 (en) * 2013-10-08 2013-11-20 A Men Technology Corp Point transaction system and method for mobile communication device
US9536128B2 (en) * 2013-10-16 2017-01-03 Pixart Imaging Inc. Thin biometric detection module
CN104545842B (en) * 2013-10-16 2017-09-26 原相科技股份有限公司 Thin physiological characteristics detection module
US9262003B2 (en) 2013-11-04 2016-02-16 Qualcomm Incorporated Piezoelectric force sensing array
CN104899546A (en) * 2014-03-07 2015-09-09 神盾股份有限公司 Fingerprint recognition methods and devices
US9472195B2 (en) * 2014-03-26 2016-10-18 Educational Testing Service Systems and methods for detecting fraud in spoken tests using voice biometrics
US20150317466A1 (en) * 2014-05-02 2015-11-05 Verificient Technologies, Inc. Certificate verification system and methods of performing the same
WO2015181610A1 (en) * 2014-05-27 2015-12-03 Idex Asa Multi-lined sensor
US9230152B2 (en) 2014-06-03 2016-01-05 Apple Inc. Electronic device for processing composite finger matching biometric data and related methods
US9519819B2 (en) * 2014-07-14 2016-12-13 Fingerprint Cards Ab Method and electronic device for noise mitigation
US20160085954A1 (en) * 2014-09-02 2016-03-24 NXT-ID, Inc. Method and system to validate identity without putting privacy at risk
WO2016036456A1 (en) * 2014-09-06 2016-03-10 Goodix Technology Inc. Swipe motion registration on a fingerprint sensor
US9760755B1 (en) * 2014-10-03 2017-09-12 Egis Technology Inc. Fingerprint matching methods and device
FR3027753A1 (en) * 2014-10-28 2016-04-29 Morpho Method for authentication of a user holding not a biometric certificate
KR20160096475A (en) * 2015-02-05 2016-08-16 삼성전자주식회사 Method and Electronic Device for arranging electrodes
CA2980114A1 (en) * 2015-04-23 2016-10-27 Unho Choi Authentication in ubiquitous environment
CN106096489A (en) * 2015-04-27 2016-11-09 瑞鼎科技股份有限公司 Capacitive fingerprint sensing apparatus and capacitive fingerprint sensing method
US9818016B2 (en) 2015-05-28 2017-11-14 Fingerprint Cards Ab Method and fingerprint sensing system for forming a fingerprint representation
US20170004346A1 (en) * 2015-06-30 2017-01-05 Samsung Electronics Co., Ltd. Fingerprint recognition method and apparatus
US20170006223A1 (en) * 2015-06-30 2017-01-05 Synaptics Incorporated Modulation scheme for fingerprint sensing
US20170003770A1 (en) * 2015-06-30 2017-01-05 Synaptics Incorporated Active matrix capacitive fingerprint sensor with 2-tft pixel architecture for display integration
US20170017829A1 (en) * 2015-07-14 2017-01-19 Idex Asa Duplicate pattern reconstructions
US20170140233A1 (en) * 2015-11-13 2017-05-18 Fingerprint Cards Ab Method and system for calibration of a fingerprint sensing device
US20170310664A1 (en) * 2016-04-21 2017-10-26 Tharmalingam Satkunarajah Apparatus and system for obtaining and encrypting documentary materials
DK179186B1 (en) 2016-05-19 2018-01-15 Apple Inc Remove Authorization to proceed with an action

Citations (64)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4222076A (en) * 1978-09-15 1980-09-09 Bell Telephone Laboratories, Incorporated Progressive image transmission
US4405829A (en) * 1977-12-14 1983-09-20 Massachusetts Institute Of Technology Cryptographic communications system and method
US4558372A (en) * 1984-01-19 1985-12-10 Tektronix, Inc. Scanning method and apparatus
US4654876A (en) * 1984-12-19 1987-03-31 Itek Corporation Digital image motion correction method
US4868877A (en) * 1988-02-12 1989-09-19 Fischer Addison M Public key/signature cryptosystem with enhanced digital signature certification
US5144448A (en) * 1990-07-31 1992-09-01 Vidar Systems Corporation Scanning apparatus using multiple CCD arrays and related method
US5155597A (en) * 1990-11-28 1992-10-13 Recon/Optical, Inc. Electro-optical imaging array with motion compensation
US5227839A (en) * 1991-06-24 1993-07-13 Etec Systems, Inc. Small field scanner
US5293323A (en) * 1991-10-24 1994-03-08 General Electric Company Method for fault diagnosis by assessment of confidence measure
US5444478A (en) * 1992-12-29 1995-08-22 U.S. Philips Corporation Image processing method and device for constructing an image from adjacent images
US5453777A (en) * 1993-04-12 1995-09-26 Presstek, Inc. Method and apparatus for correcting and adjusting digital image output
US5456256A (en) * 1993-11-04 1995-10-10 Ultra-Scan Corporation High resolution ultrasonic imaging apparatus and method
US5559961A (en) * 1994-04-04 1996-09-24 Lucent Technologies Inc. Graphical password
US5576763A (en) * 1994-11-22 1996-11-19 Lucent Technologies Inc. Single-polysilicon CMOS active pixel
US5577120A (en) * 1995-05-01 1996-11-19 Lucent Technologies Inc. Method and apparatus for restrospectively identifying an individual who had engaged in a commercial or retail transaction or the like
US5602585A (en) * 1994-12-22 1997-02-11 Lucent Technologies Inc. Method and system for camera with motion detection
US5623552A (en) * 1994-01-21 1997-04-22 Cardguard International, Inc. Self-authenticating identification card with fingerprint identification
US5625304A (en) * 1995-04-21 1997-04-29 Lucent Technologies Inc. Voltage comparator requiring no compensating offset voltage
US5631704A (en) * 1994-10-14 1997-05-20 Lucent Technologies, Inc. Active pixel sensor and imaging system having differential mode
US5668874A (en) * 1995-02-28 1997-09-16 Lucent Technologies Inc. Identification card verification system and method
US5671279A (en) * 1995-11-13 1997-09-23 Netscape Communications Corporation Electronic commerce using a secure courier system
US5673123A (en) * 1994-06-30 1997-09-30 Lucent Technologies Inc. Methods and means for processing images
US5739562A (en) * 1995-08-01 1998-04-14 Lucent Technologies Inc. Combined photogate and photodiode active pixel image sensor
US5764789A (en) * 1994-11-28 1998-06-09 Smarttouch, Llc Tokenless biometric ATM access system
US5768439A (en) * 1994-03-23 1998-06-16 Hitachi Software Engineering Co., Ltd. Image compounding method and device for connecting a plurality of adjacent images on a map without performing positional displacement at their connections boundaries
US5774525A (en) * 1995-01-23 1998-06-30 International Business Machines Corporation Method and apparatus utilizing dynamic questioning to provide secure access control
US5812704A (en) * 1994-11-29 1998-09-22 Focus Automation Systems Inc. Method and apparatus for image overlap processing
US5825907A (en) * 1994-12-28 1998-10-20 Lucent Technologies Inc. Neural network system for classifying fingerprints
US5864296A (en) * 1997-05-19 1999-01-26 Trw Inc. Fingerprint detector using ridge resistance sensor
US5903225A (en) * 1997-05-16 1999-05-11 Harris Corporation Access control system including fingerprint sensor enrollment and associated methods
US5920640A (en) * 1997-05-16 1999-07-06 Harris Corporation Fingerprint sensor and token reader and associated methods
US5963679A (en) * 1996-01-26 1999-10-05 Harris Corporation Electric field fingerprint sensor apparatus and related methods
US5987156A (en) * 1996-11-25 1999-11-16 Lucent Technologies Apparatus for correcting fixed column noise in images acquired by a fingerprint sensor
US5991408A (en) * 1997-05-16 1999-11-23 Veridicom, Inc. Identification and security using biometric measurements
US6003135A (en) * 1997-06-04 1999-12-14 Spyrus, Inc. Modular security device
US6016476A (en) * 1997-08-11 2000-01-18 International Business Machines Corporation Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security
US6016355A (en) * 1995-12-15 2000-01-18 Veridicom, Inc. Capacitive fingerprint acquisition sensor
US6047268A (en) * 1997-11-04 2000-04-04 A.T.&T. Corporation Method and apparatus for billing for transactions conducted over the internet
US6049620A (en) * 1995-12-15 2000-04-11 Veridicom, Inc. Capacitive fingerprint sensor with adjustable gain
US6097418A (en) * 1998-03-24 2000-08-01 Agfa Corporation Method and apparatus for combining a plurality of images without incurring a visible seam
US6175922B1 (en) * 1996-12-04 2001-01-16 Esign, Inc. Electronic transaction systems and methods therefor
US6192142B1 (en) * 1994-11-28 2001-02-20 Smarttouch, Inc. Tokenless biometric electronic stored value transactions
US6195471B1 (en) * 1998-03-24 2001-02-27 Agfa Corporation Method and apparatus for combining a plurality of images at random stitch points without incurring a visible seam
US6195447B1 (en) * 1998-01-16 2001-02-27 Lucent Technologies Inc. System and method for fingerprint data verification
US6202151B1 (en) * 1997-05-09 2001-03-13 Gte Service Corporation System and method for authenticating electronic transactions using biometric certificates
US6208264B1 (en) * 1997-05-23 2001-03-27 Automated Identification Service, Inc. Personal verification in a commercial transaction system
US6219793B1 (en) * 1996-09-11 2001-04-17 Hush, Inc. Method of using fingerprints to authenticate wireless communications
US6230235B1 (en) * 1996-08-08 2001-05-08 Apache Systems, Inc. Address lookup DRAM aging
US6230148B1 (en) * 1994-11-28 2001-05-08 Veristar Corporation Tokenless biometric electric check transaction
US6256737B1 (en) * 1999-03-09 2001-07-03 Bionetrix Systems Corporation System, method and computer program product for allowing access to enterprise resources using biometric devices
US6260300B1 (en) * 1999-04-21 2001-07-17 Smith & Wesson Corp. Biometrically activated lock and enablement system
US6289114B1 (en) * 1996-06-14 2001-09-11 Thomson-Csf Fingerprint-reading system
US6310966B1 (en) * 1997-05-09 2001-10-30 Gte Service Corporation Biometric certificates
US6330345B1 (en) * 1997-11-17 2001-12-11 Veridicom, Inc. Automatic adjustment processing for sensor devices
US6333989B1 (en) * 1999-03-29 2001-12-25 Dew Engineering And Development Limited Contact imaging device
US6366682B1 (en) * 1994-11-28 2002-04-02 Indivos Corporation Tokenless electronic transaction system
US20020060243A1 (en) * 2000-11-13 2002-05-23 Janiak Martin J. Biometric authentication device for use in mobile telecommunications
US6501846B1 (en) * 1997-11-25 2002-12-31 Ethentica, Inc. Method and system for computer access and cursor control using a relief object image generator
US20030021495A1 (en) * 2001-07-12 2003-01-30 Ericson Cheng Fingerprint biometric capture device and method with integrated on-chip data buffering
US6518560B1 (en) * 2000-04-27 2003-02-11 Veridicom, Inc. Automatic gain amplifier for biometric sensor device
US6535622B1 (en) * 1999-04-26 2003-03-18 Veridicom, Inc. Method for imaging fingerprints and concealing latent fingerprints
US6546122B1 (en) * 1999-07-29 2003-04-08 Veridicom, Inc. Method for combining fingerprint templates representing various sensed areas of a fingerprint to derive one fingerprint template representing the fingerprint
US20030115475A1 (en) * 2001-07-12 2003-06-19 Russo Anthony P. Biometrically enhanced digital certificates and system and method for making and using
US6853988B1 (en) * 1999-09-20 2005-02-08 Security First Corporation Cryptographic server with provisions for interoperability between cryptographic systems

Family Cites Families (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4993068A (en) * 1989-11-27 1991-02-12 Motorola, Inc. Unforgeable personal identification system
US5230148A (en) * 1990-04-20 1993-07-27 Metal Leve S/A Industria E Comercio Method for the manufacture of a cooled engine piston head
JPH0774980A (en) * 1992-11-30 1995-03-17 Thomson Consumer Electron Inc Display unit
US20020013898A1 (en) 1997-06-04 2002-01-31 Sudia Frank W. Method and apparatus for roaming use of cryptographic values
US5458256A (en) * 1994-04-19 1995-10-17 May-Wes Manufacturing, Inc. Slide lid
US6973477B1 (en) * 1995-05-19 2005-12-06 Cyberfone Technologies, Inc. System for securely communicating amongst client computer systems
GB9600804D0 (en) * 1996-01-17 1996-03-20 Robb Garry D Multiphone
US6075905A (en) * 1996-07-17 2000-06-13 Sarnoff Corporation Method and apparatus for mosaic image construction
DE29722222U1 (en) * 1997-12-16 1998-06-25 Siemens Ag Radio-operated communication terminal with navigation button
US6038666A (en) * 1997-12-22 2000-03-14 Trw Inc. Remote identity verification technique using a personal identification device
US6681034B1 (en) 1999-07-15 2004-01-20 Precise Biometrics Method and system for fingerprint template matching
JP3743246B2 (en) * 2000-02-03 2006-02-08 日本電気株式会社 Biometrics input apparatus and biometrics verification device
JP4426733B2 (en) * 2000-03-31 2010-03-03 富士通株式会社 Fingerprint data synthesizing process, the fingerprint data synthesis device, a computer readable recording medium storing the fingerprint data synthesizing program and the program
WO2001080167A1 (en) * 2000-04-13 2001-10-25 Nanyang Technological University Method and device for determining a total minutiae template from a plurality of partial minutiae templates
WO2001087159A8 (en) * 2000-05-15 2002-02-21 Ericsson Telefon Ab L M A composite image generating method, and a fingerprint detection apparatus
US6542740B1 (en) * 2000-10-24 2003-04-01 Litepoint, Corp. System, method and article of manufacture for utilizing a wireless link in an interface roaming network framework
US20020078347A1 (en) 2000-12-20 2002-06-20 International Business Machines Corporation Method and system for using with confidence certificates issued from certificate authorities
US7103234B2 (en) * 2001-03-30 2006-09-05 Nec Laboratories America, Inc. Method for blind cross-spectral image registration
US7203347B2 (en) * 2001-06-27 2007-04-10 Activcard Ireland Limited Method and system for extracting an area of interest from within a swipe image of a biological surface
US7043061B2 (en) * 2001-06-27 2006-05-09 Laurence Hamid Swipe imager with multiple sensing arrays

Patent Citations (70)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4405829A (en) * 1977-12-14 1983-09-20 Massachusetts Institute Of Technology Cryptographic communications system and method
US4222076A (en) * 1978-09-15 1980-09-09 Bell Telephone Laboratories, Incorporated Progressive image transmission
US4558372A (en) * 1984-01-19 1985-12-10 Tektronix, Inc. Scanning method and apparatus
US4654876A (en) * 1984-12-19 1987-03-31 Itek Corporation Digital image motion correction method
US4868877A (en) * 1988-02-12 1989-09-19 Fischer Addison M Public key/signature cryptosystem with enhanced digital signature certification
US5144448A (en) * 1990-07-31 1992-09-01 Vidar Systems Corporation Scanning apparatus using multiple CCD arrays and related method
US5155597A (en) * 1990-11-28 1992-10-13 Recon/Optical, Inc. Electro-optical imaging array with motion compensation
US5227839A (en) * 1991-06-24 1993-07-13 Etec Systems, Inc. Small field scanner
US5293323A (en) * 1991-10-24 1994-03-08 General Electric Company Method for fault diagnosis by assessment of confidence measure
US5444478A (en) * 1992-12-29 1995-08-22 U.S. Philips Corporation Image processing method and device for constructing an image from adjacent images
US5453777A (en) * 1993-04-12 1995-09-26 Presstek, Inc. Method and apparatus for correcting and adjusting digital image output
US5456256A (en) * 1993-11-04 1995-10-10 Ultra-Scan Corporation High resolution ultrasonic imaging apparatus and method
US5623552A (en) * 1994-01-21 1997-04-22 Cardguard International, Inc. Self-authenticating identification card with fingerprint identification
US5768439A (en) * 1994-03-23 1998-06-16 Hitachi Software Engineering Co., Ltd. Image compounding method and device for connecting a plurality of adjacent images on a map without performing positional displacement at their connections boundaries
US5559961A (en) * 1994-04-04 1996-09-24 Lucent Technologies Inc. Graphical password
US5673123A (en) * 1994-06-30 1997-09-30 Lucent Technologies Inc. Methods and means for processing images
US5631704A (en) * 1994-10-14 1997-05-20 Lucent Technologies, Inc. Active pixel sensor and imaging system having differential mode
US5576763A (en) * 1994-11-22 1996-11-19 Lucent Technologies Inc. Single-polysilicon CMOS active pixel
US5835141A (en) * 1994-11-22 1998-11-10 Lucent Technologies Inc. Single-polysilicon CMOS active pixel image sensor
US6366682B1 (en) * 1994-11-28 2002-04-02 Indivos Corporation Tokenless electronic transaction system
US6230148B1 (en) * 1994-11-28 2001-05-08 Veristar Corporation Tokenless biometric electric check transaction
US6192142B1 (en) * 1994-11-28 2001-02-20 Smarttouch, Inc. Tokenless biometric electronic stored value transactions
US5764789A (en) * 1994-11-28 1998-06-09 Smarttouch, Llc Tokenless biometric ATM access system
US5812704A (en) * 1994-11-29 1998-09-22 Focus Automation Systems Inc. Method and apparatus for image overlap processing
US5602585A (en) * 1994-12-22 1997-02-11 Lucent Technologies Inc. Method and system for camera with motion detection
US5825907A (en) * 1994-12-28 1998-10-20 Lucent Technologies Inc. Neural network system for classifying fingerprints
US5774525A (en) * 1995-01-23 1998-06-30 International Business Machines Corporation Method and apparatus utilizing dynamic questioning to provide secure access control
US5668874A (en) * 1995-02-28 1997-09-16 Lucent Technologies Inc. Identification card verification system and method
US5625304A (en) * 1995-04-21 1997-04-29 Lucent Technologies Inc. Voltage comparator requiring no compensating offset voltage
US5577120A (en) * 1995-05-01 1996-11-19 Lucent Technologies Inc. Method and apparatus for restrospectively identifying an individual who had engaged in a commercial or retail transaction or the like
US5739562A (en) * 1995-08-01 1998-04-14 Lucent Technologies Inc. Combined photogate and photodiode active pixel image sensor
US5671279A (en) * 1995-11-13 1997-09-23 Netscape Communications Corporation Electronic commerce using a secure courier system
US6016355A (en) * 1995-12-15 2000-01-18 Veridicom, Inc. Capacitive fingerprint acquisition sensor
US6049620A (en) * 1995-12-15 2000-04-11 Veridicom, Inc. Capacitive fingerprint sensor with adjustable gain
US6538456B1 (en) * 1995-12-15 2003-03-25 Veridicom, Inc. Capacitive fingerprint sensor with adjustable gain
US5963679A (en) * 1996-01-26 1999-10-05 Harris Corporation Electric field fingerprint sensor apparatus and related methods
US6289114B1 (en) * 1996-06-14 2001-09-11 Thomson-Csf Fingerprint-reading system
US6459804B2 (en) * 1996-06-14 2002-10-01 Thomson-Csf Fingerprint-reading system
US6230235B1 (en) * 1996-08-08 2001-05-08 Apache Systems, Inc. Address lookup DRAM aging
US6219793B1 (en) * 1996-09-11 2001-04-17 Hush, Inc. Method of using fingerprints to authenticate wireless communications
US5987156A (en) * 1996-11-25 1999-11-16 Lucent Technologies Apparatus for correcting fixed column noise in images acquired by a fingerprint sensor
US6175922B1 (en) * 1996-12-04 2001-01-16 Esign, Inc. Electronic transaction systems and methods therefor
US6202151B1 (en) * 1997-05-09 2001-03-13 Gte Service Corporation System and method for authenticating electronic transactions using biometric certificates
US6310966B1 (en) * 1997-05-09 2001-10-30 Gte Service Corporation Biometric certificates
US5991408A (en) * 1997-05-16 1999-11-23 Veridicom, Inc. Identification and security using biometric measurements
US5903225A (en) * 1997-05-16 1999-05-11 Harris Corporation Access control system including fingerprint sensor enrollment and associated methods
US6069970A (en) * 1997-05-16 2000-05-30 Authentec, Inc. Fingerprint sensor and token reader and associated methods
US5920640A (en) * 1997-05-16 1999-07-06 Harris Corporation Fingerprint sensor and token reader and associated methods
US5864296A (en) * 1997-05-19 1999-01-26 Trw Inc. Fingerprint detector using ridge resistance sensor
US6208264B1 (en) * 1997-05-23 2001-03-27 Automated Identification Service, Inc. Personal verification in a commercial transaction system
US6003135A (en) * 1997-06-04 1999-12-14 Spyrus, Inc. Modular security device
US6016476A (en) * 1997-08-11 2000-01-18 International Business Machines Corporation Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security
US6047268A (en) * 1997-11-04 2000-04-04 A.T.&T. Corporation Method and apparatus for billing for transactions conducted over the internet
US6330345B1 (en) * 1997-11-17 2001-12-11 Veridicom, Inc. Automatic adjustment processing for sensor devices
US6501846B1 (en) * 1997-11-25 2002-12-31 Ethentica, Inc. Method and system for computer access and cursor control using a relief object image generator
US6195447B1 (en) * 1998-01-16 2001-02-27 Lucent Technologies Inc. System and method for fingerprint data verification
US6097418A (en) * 1998-03-24 2000-08-01 Agfa Corporation Method and apparatus for combining a plurality of images without incurring a visible seam
US6195471B1 (en) * 1998-03-24 2001-02-27 Agfa Corporation Method and apparatus for combining a plurality of images at random stitch points without incurring a visible seam
US6256737B1 (en) * 1999-03-09 2001-07-03 Bionetrix Systems Corporation System, method and computer program product for allowing access to enterprise resources using biometric devices
US6333989B1 (en) * 1999-03-29 2001-12-25 Dew Engineering And Development Limited Contact imaging device
US6260300B1 (en) * 1999-04-21 2001-07-17 Smith & Wesson Corp. Biometrically activated lock and enablement system
US6535622B1 (en) * 1999-04-26 2003-03-18 Veridicom, Inc. Method for imaging fingerprints and concealing latent fingerprints
US6546122B1 (en) * 1999-07-29 2003-04-08 Veridicom, Inc. Method for combining fingerprint templates representing various sensed areas of a fingerprint to derive one fingerprint template representing the fingerprint
US6853988B1 (en) * 1999-09-20 2005-02-08 Security First Corporation Cryptographic server with provisions for interoperability between cryptographic systems
US6518560B1 (en) * 2000-04-27 2003-02-11 Veridicom, Inc. Automatic gain amplifier for biometric sensor device
US20020060243A1 (en) * 2000-11-13 2002-05-23 Janiak Martin J. Biometric authentication device for use in mobile telecommunications
US20030021495A1 (en) * 2001-07-12 2003-01-30 Ericson Cheng Fingerprint biometric capture device and method with integrated on-chip data buffering
US20030115475A1 (en) * 2001-07-12 2003-06-19 Russo Anthony P. Biometrically enhanced digital certificates and system and method for making and using
US20030115490A1 (en) * 2001-07-12 2003-06-19 Russo Anthony P. Secure network and networked devices using biometrics
US20030126448A1 (en) * 2001-07-12 2003-07-03 Russo Anthony P. Method and system for biometric image assembly from multiple partial biometric frame scans

Cited By (107)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7751595B2 (en) 2001-07-12 2010-07-06 Authentec, Inc. Method and system for biometric image assembly from multiple partial biometric frame scans
US20070274575A1 (en) * 2001-07-12 2007-11-29 Russo Anthony P Method and system for biometric image assembly from multiple partial biometric frame scans
US20030115490A1 (en) * 2001-07-12 2003-06-19 Russo Anthony P. Secure network and networked devices using biometrics
US7197168B2 (en) 2001-07-12 2007-03-27 Atrua Technologies, Inc. Method and system for biometric image assembly from multiple partial biometric frame scans
US7716493B2 (en) 2002-07-19 2010-05-11 Bowers Charles R Method and apparatus for managing confidential information
US7334130B2 (en) * 2002-07-19 2008-02-19 Bowers Charles R Method and apparatus for managing confidential information
US20160162682A1 (en) * 2002-07-19 2016-06-09 Charles R. Bowers Method and apparatus for managing confidential information
US20050015596A1 (en) * 2002-07-19 2005-01-20 Bowers Charles R. Method and apparatus for managing confidential information
US20100223474A1 (en) * 2002-07-19 2010-09-02 Bowers Charles R Method and apparatus for managing confidential information
US20140149747A1 (en) * 2002-07-19 2014-05-29 Charles R. Bowers Method and apparatus for managing confidential information
US20080091953A1 (en) * 2002-07-19 2008-04-17 Bowers Charles R Method and apparatus for managing confidential information
US9218507B2 (en) * 2002-07-19 2015-12-22 Charles R. Bowers Method and apparatus for managing confidential information
US8321685B2 (en) 2002-07-19 2012-11-27 Bowers Charles R Method and apparatus for managing confidential information
US8782427B2 (en) 2002-08-15 2014-07-15 Actividentity, Inc. System and method for sequentially processing a biometric sample
US20100088509A1 (en) * 2002-08-15 2010-04-08 Louis Joseph Fedronic Dominique System and method for sequentially processing a biometric sample
US8141141B2 (en) * 2002-08-15 2012-03-20 Actividentity, Inc. System and method for sequentially processing a biometric sample
US8205249B2 (en) * 2002-10-24 2012-06-19 Giesecke & Devrient Gmbh Method for carrying out a secure electronic transaction using a portable data support
US20060242691A1 (en) * 2002-10-24 2006-10-26 Gisela Meister Method for carrying out a secure electronic transaction using a portable data support
US8185747B2 (en) * 2003-05-22 2012-05-22 Access Security Protection, Llc Methods of registration for programs using verification processes with biometrics for fraud management and enhanced security protection
US20070288759A1 (en) * 2003-05-22 2007-12-13 Wood Richard G Methods of registration for programs using verification processes with biometrics for fraud management and enhanced security protection
US8781975B2 (en) * 2004-05-21 2014-07-15 Emc Corporation System and method of fraud reduction
US20050273442A1 (en) * 2004-05-21 2005-12-08 Naftali Bennett System and method of fraud reduction
DE102004046153A1 (en) * 2004-09-23 2006-04-06 Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V. Network e.g. Internet, subscriber`s e.g. mobile telephone, digital reputation determining method, involves determining reputation of subscriber of network by central server based on token issued by service provider to subscriber
DE102004046153B4 (en) * 2004-09-23 2006-10-12 Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V. A method and network system for determining the digital reputation
US20080263662A1 (en) * 2005-05-06 2008-10-23 Pau-Chen Cheng System and method for fuzzy multi-level security
US8087090B2 (en) * 2005-05-06 2011-12-27 International Business Machines Corporation Fuzzy multi-level security
US7386105B2 (en) * 2005-05-27 2008-06-10 Nice Systems Ltd Method and apparatus for fraud detection
WO2006126183A3 (en) * 2005-05-27 2007-10-18 Barak Eilam Method and apparatus for fraud detection
US20060285665A1 (en) * 2005-05-27 2006-12-21 Nice Systems Ltd. Method and apparatus for fraud detection
US7801288B2 (en) 2005-05-27 2010-09-21 Nice Systems Ltd. Method and apparatus for fraud detection
WO2006126183A2 (en) * 2005-05-27 2006-11-30 Nice Systems Ltd. Method and apparatus for fraud detection
US20060277092A1 (en) * 2005-06-03 2006-12-07 Credigy Technologies, Inc. System and method for a peer to peer exchange of consumer information
US7730546B2 (en) * 2005-07-01 2010-06-01 Time Warner, Inc. Method and apparatus for authenticating usage of an application
US20100199347A1 (en) * 2005-07-01 2010-08-05 Time Warner, Inc. Method and Apparatus for Authenticating Usage of an Application
US8327459B2 (en) 2005-07-01 2012-12-04 Time Warner, Inc. Method and apparatus for authenticating usage of an application
US20070006163A1 (en) * 2005-07-01 2007-01-04 Aoki Norihiro E Method and apparatus for authenticating usage of an application
US20070080778A1 (en) * 2005-10-11 2007-04-12 Newfrey Llc Door lock with protected biometric sensor
US7525411B2 (en) 2005-10-11 2009-04-28 Newfrey Llc Door lock with protected biometric sensor
US20070130070A1 (en) * 2005-12-02 2007-06-07 Credigy Technologies, Inc. System and method for an anonymous exchange of private data
US8560456B2 (en) 2005-12-02 2013-10-15 Credigy Technologies, Inc. System and method for an anonymous exchange of private data
US20070162377A1 (en) * 2005-12-23 2007-07-12 Credigy Technologies, Inc. System and method for an online exchange of private data
US9609001B2 (en) 2007-02-02 2017-03-28 Websense, Llc System and method for adding context to prevent data leakage over a computer network
US20110099112A1 (en) * 2007-08-31 2011-04-28 Mages Kenneth G Apparatus and method for conducting securing financial transactions
US9053471B2 (en) * 2007-08-31 2015-06-09 4361423 Canada Inc. Apparatus and method for conducting securing financial transactions
US20090178129A1 (en) * 2008-01-04 2009-07-09 Microsoft Corporation Selective authorization based on authentication input attributes
US8621561B2 (en) * 2008-01-04 2013-12-31 Microsoft Corporation Selective authorization based on authentication input attributes
CN101911585B (en) 2008-01-04 2014-08-13 微软公司 Selective authorization based on authentication input attributes
US9130986B2 (en) * 2008-03-19 2015-09-08 Websense, Inc. Method and system for protection against information stealing software
US9015842B2 (en) 2008-03-19 2015-04-21 Websense, Inc. Method and system for protection against information stealing software
US20090241173A1 (en) * 2008-03-19 2009-09-24 Websense, Inc. Method and system for protection against information stealing software
US9455981B2 (en) * 2008-03-19 2016-09-27 Forcepoint, LLC Method and system for protection against information stealing software
US9495539B2 (en) 2008-03-19 2016-11-15 Websense, Llc Method and system for protection against information stealing software
US20100017845A1 (en) * 2008-07-18 2010-01-21 Microsoft Corporation Differentiated authentication for compartmentalized computing resources
US8631486B1 (en) * 2009-03-31 2014-01-14 Emc Corporation Adaptive identity classification
US9600704B2 (en) 2010-01-15 2017-03-21 Idex Asa Electronic imager using an impedance sensor grid array and method of making
US8791792B2 (en) 2010-01-15 2014-07-29 Idex Asa Electronic imager using an impedance sensor grid array mounted on or about a switch and method of making
US8421890B2 (en) 2010-01-15 2013-04-16 Picofield Technologies, Inc. Electronic imager using an impedance sensor grid array and method of making
US9268988B2 (en) 2010-01-15 2016-02-23 Idex Asa Biometric image sensing
US9659208B2 (en) 2010-01-15 2017-05-23 Idex Asa Biometric image sensing
US8866347B2 (en) 2010-01-15 2014-10-21 Idex Asa Biometric image sensing
US8726341B2 (en) * 2011-08-15 2014-05-13 Bank Of America Corporation Apparatus and method for determining resource trust levels
US8752143B2 (en) * 2011-08-15 2014-06-10 Bank Of America Corporation Method and apparatus for token-based reassignment of privileges
US8752124B2 (en) 2011-08-15 2014-06-10 Bank Of America Corporation Apparatus and method for performing real-time authentication using subject token combinations
US8752157B2 (en) 2011-08-15 2014-06-10 Bank Of America Corporation Method and apparatus for third party session validation
US8726361B2 (en) * 2011-08-15 2014-05-13 Bank Of America Corporation Method and apparatus for token-based attribute abstraction
US8726339B2 (en) 2011-08-15 2014-05-13 Bank Of America Corporation Method and apparatus for emergency session validation
US8789143B2 (en) * 2011-08-15 2014-07-22 Bank Of America Corporation Method and apparatus for token-based conditioning
US8789162B2 (en) * 2011-08-15 2014-07-22 Bank Of America Corporation Method and apparatus for making token-based access decisions
US8713672B2 (en) * 2011-08-15 2014-04-29 Bank Of America Corporation Method and apparatus for token-based context caching
US8806602B2 (en) 2011-08-15 2014-08-12 Bank Of America Corporation Apparatus and method for performing end-to-end encryption
US20130047266A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and apparatus for token-based access of related resources
US8850515B2 (en) 2011-08-15 2014-09-30 Bank Of America Corporation Method and apparatus for subject recognition session validation
US8950002B2 (en) * 2011-08-15 2015-02-03 Bank Of America Corporation Method and apparatus for token-based access of related resources
US8910290B2 (en) * 2011-08-15 2014-12-09 Bank Of America Corporation Method and apparatus for token-based transaction tagging
US8584202B2 (en) 2011-08-15 2013-11-12 Bank Of America Corporation Apparatus and method for determining environment integrity levels
US8572689B2 (en) 2011-08-15 2013-10-29 Bank Of America Corporation Apparatus and method for making access decision using exceptions
US8572714B2 (en) * 2011-08-15 2013-10-29 Bank Of America Corporation Apparatus and method for determining subject assurance level
US8572683B2 (en) 2011-08-15 2013-10-29 Bank Of America Corporation Method and apparatus for token-based re-authentication
US8539558B2 (en) 2011-08-15 2013-09-17 Bank Of America Corporation Method and apparatus for token-based token termination
US20130047262A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and Apparatus for Object Security Session Validation
US20130047204A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Apparatus and Method for Determining Resource Trust Levels
US9055053B2 (en) 2011-08-15 2015-06-09 Bank Of America Corporation Method and apparatus for token-based combining of risk ratings
US20130047201A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Apparatus and Method for Expert Decisioning
US20130047248A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Apparatus and Method for Determining Subject Assurance Level
US20130047215A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and apparatus for token-based reassignment of privileges
US9159065B2 (en) * 2011-08-15 2015-10-13 Bank Of America Corporation Method and apparatus for object security session validation
US8726340B2 (en) * 2011-08-15 2014-05-13 Bank Of America Corporation Apparatus and method for expert decisioning
US20130047251A1 (en) * 2011-08-15 2013-02-21 Bank Of America Corporation Method and Apparatus for Token-Based Context Caching
US9253197B2 (en) 2011-08-15 2016-02-02 Bank Of America Corporation Method and apparatus for token-based real-time risk updating
US9798917B2 (en) 2012-04-10 2017-10-24 Idex Asa Biometric sensing
US9571488B2 (en) 2012-08-23 2017-02-14 Amazon Technologies, Inc. Adaptive timeouts for security credentials
US9203818B1 (en) 2012-08-23 2015-12-01 Amazon Technologies, Inc. Adaptive timeouts for security credentials
US20170134367A1 (en) * 2012-08-23 2017-05-11 Amazon Technologies, Inc. Adaptive timeouts for security credentials
US9038148B1 (en) 2012-08-23 2015-05-19 Amazon Technologies, Inc. Secret variation for network sessions
US8996860B1 (en) * 2012-08-23 2015-03-31 Amazon Technologies, Inc. Tolerance factor-based secret decay
US9241259B2 (en) 2012-11-30 2016-01-19 Websense, Inc. Method and apparatus for managing the transfer of sensitive information to mobile devices
WO2015013522A1 (en) 2013-07-24 2015-01-29 Visa International Service Association Systems and methods for communicating risk using token assurance data
EP3025293A4 (en) * 2013-07-24 2017-03-29 Visa Int Service Ass Systems and methods for communicating risk using token assurance data
US20150032625A1 (en) * 2013-07-24 2015-01-29 Matthew Dill Systems and methods for communicating risk using token assurance data
EP3025293A1 (en) * 2013-07-24 2016-06-01 Visa International Service Association Systems and methods for communicating risk using token assurance data
WO2015054697A1 (en) 2013-10-11 2015-04-16 Visa International Service Association Network token system
EP3078156A4 (en) * 2013-10-11 2017-07-12 Visa Int Service Ass Network token system
US9836637B2 (en) * 2014-01-15 2017-12-05 Google Llc Finger print state integration with non-application processor functions for power savings in an electronic device
US20150199554A1 (en) * 2014-01-15 2015-07-16 Motorola Mobility Llc Finger Print State Integration with Non-Application Processor Functions for Power Savings in an Electronic Device
US9940450B2 (en) * 2015-06-15 2018-04-10 Charles R. Bowers Method and apparatus for managing confidential information
US20170124356A1 (en) * 2015-10-30 2017-05-04 Mark A. Allyn Authenticity-assured data gathering apparatus and method
US9881184B2 (en) * 2015-10-30 2018-01-30 Intel Corporation Authenticity-assured data gathering apparatus and method

Also Published As

Publication number Publication date Type
WO2003007125A3 (en) 2003-06-12 application
US7751595B2 (en) 2010-07-06 grant
WO2003007121B1 (en) 2003-08-07 application
WO2003007125A9 (en) 2003-09-12 application
WO2003007127A9 (en) 2003-03-27 application
JP2005531935A (en) 2005-10-20 application
WO2003007121A3 (en) 2003-06-05 application
US7197168B2 (en) 2007-03-27 grant
WO2003007127A2 (en) 2003-01-23 application
US20070274575A1 (en) 2007-11-29 application
WO2003007127A3 (en) 2008-11-20 application
EP1573426A2 (en) 2005-09-14 application
WO2003007125A2 (en) 2003-01-23 application
US20030115475A1 (en) 2003-06-19 application
WO2003007121A2 (en) 2003-01-23 application
US20030126448A1 (en) 2003-07-03 application
US20030115490A1 (en) 2003-06-19 application
EP1573426A4 (en) 2009-11-25 application

Similar Documents

Publication Publication Date Title
US7114080B2 (en) Architecture for secure remote access and transmission using a generalized password scheme with biometric features
US7627895B2 (en) Trust tokens
US5748738A (en) System and method for electronic transmission, storage and retrieval of authenticated documents
US6311272B1 (en) Biometric system and techniques suitable therefor
US7363494B2 (en) Method and apparatus for performing enhanced time-based authentication
US6026166A (en) Digitally certifying a user identity and a computer system in combination
US6401206B1 (en) Method and apparatus for binding electronic impressions made by digital identities to documents
US7788700B1 (en) Enterprise security system
US6073237A (en) Tamper resistant method and apparatus
US7412420B2 (en) Systems and methods for enrolling a token in an online authentication program
US6202151B1 (en) System and method for authenticating electronic transactions using biometric certificates
US20050138362A1 (en) Authentication system for networked computer applications
US7711152B1 (en) System and method for authenticated and privacy preserving biometric identification systems
US20020141575A1 (en) Method and apparatus for secure cryptographic key generation, certification and use
US20020026578A1 (en) Secure usage of digital certificates and related keys on a security token
US20030012374A1 (en) Electronic signing of documents
O'Gorman Comparing passwords, tokens, and biometrics for user authentication
US20110119747A1 (en) Single sign on with multiple authentication factors
US6950940B2 (en) ABDS method utilizing security information in authenticating entity access
US6167518A (en) Digital signature providing non-repudiation based on biological indicia
US20070241182A1 (en) System and method for binding a smartcard and a smartcard reader
US20110302646A1 (en) System and methods for online authentication
US20070106895A1 (en) Biometric non-repudiation network security systems and methods
US20020056043A1 (en) Method and apparatus for securely transmitting and authenticating biometric data over a network
US20100287369A1 (en) Id system and program, and id method

Legal Events

Date Code Title Description
AS Assignment

Owner name: I-CONTROL SECURITY, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:RUSSO, ANTHONY P.;MCCOY, PETER A.;HOWELL, MARK J.;REEL/FRAME:013713/0333;SIGNING DATES FROM 20021205 TO 20021219

AS Assignment

Owner name: I-CONTROL SECURITY, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:I-CONTROL TRANSACTIONS, INC.;REEL/FRAME:015264/0686

Effective date: 20021112

AS Assignment

Owner name: ATRUA TECHNOLOGIES, INC., CALIFORNIA

Free format text: CHANGE OF NAME;ASSIGNOR:I-CONTROL SECURITY, INC.;REEL/FRAME:015393/0534

Effective date: 20030908